Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
MDE_File_Sample_a8068703372ae00821df45d3d1e83528d5b75530.zip

Overview

General Information

Sample name:MDE_File_Sample_a8068703372ae00821df45d3d1e83528d5b75530.zip
Analysis ID:1431982
MD5:110d5f1b1c6728b33d4adeae124400b1
SHA1:39e6b521680529c1214b6be85b289fee9da341b0
SHA256:75c2bcefef95b7656a36428c8408a3567540af8772d70426e674da0eccdc7d27
Infos:

Detection

Score:5
Range:0 - 100
Whitelisted:false
Confidence:60%

Signatures

Contains functionality for execution timing, often used to detect debuggers
Contains functionality to call native functions
Creates a process in suspended mode (likely to inject code)
Detected potential crypto function
Drops PE files
Drops files with a non-matching file extension (content does not match file extension)
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
PE file contains sections with non-standard names
Queries the volume information (name, serial number etc) of a device

Classification

Analysis Advice

Sample tries to load a library which is not present or installed on the analysis machine, adding the library might reveal more behavior
Uses HTTPS for network communication, use the 'Proxy HTTPS (port 443) to read its encrypted data' cookbook for further analysis

Process Tree

  • System is w10x64_ra
  • rundll32.exe (PID: 7056 cmdline: C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding MD5: EF3179D498793BF4234F708D3BE28633)
  • OpenWith.exe (PID: 852 cmdline: C:\Windows\system32\OpenWith.exe -Embedding MD5: E4A834784FA08C17D47A1E72429C5109)
    • firefox.exe (PID: 3816 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_a8068703372ae00821df45d3d1e83528d5b75530.zip\a8068703372ae00821df45d3d1e83528d5b75530" MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 6392 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_a8068703372ae00821df45d3d1e83528d5b75530.zip\a8068703372ae00821df45d3d1e83528d5b75530 MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
        • firefox.exe (PID: 2760 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2304 -parentBuildID 20230927232528 -prefsHandle 2248 -prefMapHandle 2232 -prefsLen 25250 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {84178f49-fa31-4e5c-8e41-cdee470f9e82} 6392 "\\.\pipe\gecko-crash-server-pipe.6392" 235c4671b10 socket MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
        • firefox.exe (PID: 6184 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4020 -parentBuildID 20230927232528 -prefsHandle 4012 -prefMapHandle 4004 -prefsLen 26265 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {97f5d0a2-275d-4e4d-81e3-139df34d68d6} 6392 "\\.\pipe\gecko-crash-server-pipe.6392" 235d65df510 rdd MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
        • firefox.exe (PID: 4956 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5548 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 5620 -prefMapHandle 5616 -prefsLen 33076 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b6afafae-c0dc-4023-a0ff-235b54a45615} 6392 "\\.\pipe\gecko-crash-server-pipe.6392" 235e4d2fd10 utility MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
  • OpenWith.exe (PID: 1844 cmdline: C:\Windows\system32\OpenWith.exe -Embedding MD5: E4A834784FA08C17D47A1E72429C5109)
    • Acrobat.exe (PID: 2356 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Downloads\a8068703372ae00821df45d3d1e83528d5b75530" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C)
      • AcroCEF.exe (PID: 3356 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
        • AcroCEF.exe (PID: 6436 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=1756 --field-trial-handle=1584,i,12228695359465084029,946614608337436379,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Snort Signatures

No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49719 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.16:49721 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.16:49724 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49731 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.16:49732 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.16:49734 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49737 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49736 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.16:49742 version: TLS 1.2
Source: unknownHTTPS traffic detected: 18.173.166.117:443 -> 192.168.2.16:49744 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49743 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49746 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49747 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49745 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.16:49751 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49757 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49754 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49755 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49752 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49753 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49756 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49758 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49759 version: TLS 1.2
Source: Binary string: webauthn.pdb source: firefox.exe, 0000000D.00000003.1576891553.00000235E715D000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdbV source: firefox.exe, 0000000D.00000003.1999381086.00000235DE285000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.13.dr
Source: Binary string: wsock32.pdbUGP source: firefox.exe, 0000000D.00000003.1556420055.00000235D44EF000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1551530483.00000235D44E6000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdb source: firefox.exe, 0000000D.00000003.1999381086.00000235DE285000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.13.dr
Source: Binary string: webauthn.pdbGCTL source: firefox.exe, 0000000D.00000003.1576891553.00000235E715D000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: wsock32.pdb source: firefox.exe, 0000000D.00000003.1556420055.00000235D44EF000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1551530483.00000235D44E6000.00000004.00000020.00020000.00000000.sdmp
Source: firefox.exeMemory has grown: Private usage: 1MB later: 320MB
Source: Joe Sandbox ViewIP Address: 18.173.166.117 18.173.166.117
Source: Joe Sandbox ViewIP Address: 34.149.100.209 34.149.100.209
Source: Joe Sandbox ViewIP Address: 34.117.188.166 34.117.188.166
Source: Joe Sandbox ViewIP Address: 34.160.144.191 34.160.144.191
Source: Joe Sandbox ViewJA3 fingerprint: fb0aa01abe9d8e4037eb3473ca6e2dca
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
Source: firefox.exe, 0000000D.00000003.1643080369.00002D8BE8704000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: *://www.facebook.com/* equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000D.00000003.1643080369.00002D8BE8704000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: *://www.facebook.com/*Z equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000D.00000003.1643080369.00002D8BE8704000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: *://www.youtube.com/* equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000D.00000003.1643080369.00002D8BE8704000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: *://www.youtube.com/*Z equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000D.00000003.1765347483.00000235E5BD1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1835814206.00000235E5BD2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1646867908.00000235E5BC3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8*://www.facebook.com/* equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000D.00000003.1701821774.00000235E5BFC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1686378220.00000235E5BF1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1646867908.00000235E5BDB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8*://www.youtube.com/* equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000D.00000003.1765347483.00000235E5BD1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1835814206.00000235E5BD2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1646867908.00000235E5BC3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8www.facebook.com equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000D.00000003.1701821774.00000235E5BFC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1686378220.00000235E5BF1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1646867908.00000235E5BDB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8www.youtube.com equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000D.00000003.1474256065.00000235DC532000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: `https://www.facebook.com/ equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000D.00000003.1474256065.00000235DC532000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: `https://www.youtube.com/ equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000D.00000003.1785521245.00000235D6558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://vk.com/,https://www.youtube.com/,https://ok.ru/,https://www.avito.ru/,https://www.aliexpress.com/,https://www.wikipedia.org/ equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000D.00000003.1785521245.00000235D6558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://allegro.pl/,https://www.wikipedia.org/,https://www.olx.pl/,https://www.wykop.pl/ equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000D.00000003.1785521245.00000235D6558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://allegro.pl/,https://www.wikipedia.org/,https://www.olx.pl/,https://www.wykop.pl/ equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000D.00000003.1785521245.00000235D6558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://twitter.com/ equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000D.00000003.1785521245.00000235D6558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://twitter.com/ equals www.twitter.com (Twitter)
Source: firefox.exe, 0000000D.00000003.1785521245.00000235D6558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://twitter.com/ equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000D.00000003.1785521245.00000235D6558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.de/,https://www.ebay.de/,https://www.wikipedia.org/,https://www.reddit.com/ equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000D.00000003.1785521245.00000235D6558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.de/,https://www.ebay.de/,https://www.wikipedia.org/,https://www.reddit.com/ equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000D.00000003.1785521245.00000235D6558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.amazon.co.uk/,https://www.bbc.co.uk/,https://www.ebay.co.uk/ equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000D.00000003.1785521245.00000235D6558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.amazon.co.uk/,https://www.bbc.co.uk/,https://www.ebay.co.uk/ equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000D.00000003.1785521245.00000235D6558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://www.amazon.ca/,https://twitter.com/ equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000D.00000003.1785521245.00000235D6558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://www.amazon.ca/,https://twitter.com/ equals www.twitter.com (Twitter)
Source: firefox.exe, 0000000D.00000003.1785521245.00000235D6558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://www.amazon.ca/,https://twitter.com/ equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000D.00000003.1785521245.00000235D6558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.amazon.fr/,https://www.leboncoin.fr/,https://twitter.com/ equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000D.00000003.1785521245.00000235D6558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.amazon.fr/,https://www.leboncoin.fr/,https://twitter.com/ equals www.twitter.com (Twitter)
Source: firefox.exe, 0000000D.00000003.1785521245.00000235D6558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.amazon.fr/,https://www.leboncoin.fr/,https://twitter.com/ equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000D.00000003.1785521245.00000235D6558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.amazon.fr/,https://www.leboncoin.fr/,https://twitter.com/L equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000D.00000003.1785521245.00000235D6558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.amazon.fr/,https://www.leboncoin.fr/,https://twitter.com/L equals www.twitter.com (Twitter)
Source: firefox.exe, 0000000D.00000003.1785521245.00000235D6558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.amazon.fr/,https://www.leboncoin.fr/,https://twitter.com/L equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000D.00000003.1785521245.00000235D6558000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1737424352.00000235DC1AC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2431335485.0000014A6BF0A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000D.00000003.1785521245.00000235D6558000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1737424352.00000235DC1AC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2431335485.0000014A6BF0A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.twitter.com (Twitter)
Source: firefox.exe, 0000000D.00000003.1785521245.00000235D6558000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1737424352.00000235DC1AC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2431335485.0000014A6BF0A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000D.00000003.1686378220.00000235E5BF1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1646867908.00000235E5BDB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: moz-extension://06836808-3da5-4b66-93b7-b66b1a840a96/injections/js/bug1842437-www.youtube.com-performance-now-precision.js equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000D.00000003.1765347483.00000235E5BD1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1835814206.00000235E5BD2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1646867908.00000235E5BC3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.facebook.com equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000D.00000003.1643080369.00002D8BE8704000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.facebook.comZ equals www.facebook.com (Facebook)
Source: firefox.exe, 0000000D.00000003.1701821774.00000235E5BFC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1686378220.00000235E5BF1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1646867908.00000235E5BDB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.youtube.com equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000D.00000003.1763391492.00000235E5C55000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.youtube.com- equals www.youtube.com (Youtube)
Source: firefox.exe, 0000000D.00000003.1653138282.00000235E4941000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1964225729.00000235D52E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: x*://www.facebook.com/platform/impression.php* equals www.facebook.com (Facebook)
Source: global trafficDNS traffic detected: DNS query: detectportal.firefox.com
Source: global trafficDNS traffic detected: DNS query: prod.detectportal.prod.cloudops.mozgcp.net
Source: global trafficDNS traffic detected: DNS query: contile.services.mozilla.com
Source: global trafficDNS traffic detected: DNS query: example.org
Source: global trafficDNS traffic detected: DNS query: ipv4only.arpa
Source: global trafficDNS traffic detected: DNS query: spocs.getpocket.com
Source: global trafficDNS traffic detected: DNS query: prod.ads.prod.webservices.mozgcp.net
Source: global trafficDNS traffic detected: DNS query: prod.balrog.prod.cloudops.mozgcp.net
Source: global trafficDNS traffic detected: DNS query: content-signature-2.cdn.mozilla.net
Source: global trafficDNS traffic detected: DNS query: prod.content-signature-chains.prod.webservices.mozgcp.net
Source: global trafficDNS traffic detected: DNS query: shavar.services.mozilla.com
Source: global trafficDNS traffic detected: DNS query: push.services.mozilla.com
Source: global trafficDNS traffic detected: DNS query: firefox.settings.services.mozilla.com
Source: global trafficDNS traffic detected: DNS query: telemetry-incoming.r53-2.services.mozilla.com
Source: global trafficDNS traffic detected: DNS query: prod.remote-settings.prod.webservices.mozgcp.net
Source: global trafficDNS traffic detected: DNS query: www.facebook.com
Source: global trafficDNS traffic detected: DNS query: www.youtube.com
Source: global trafficDNS traffic detected: DNS query: www.wikipedia.org
Source: global trafficDNS traffic detected: DNS query: star-mini.c10r.facebook.com
Source: global trafficDNS traffic detected: DNS query: youtube-ui.l.google.com
Source: global trafficDNS traffic detected: DNS query: dyna.wikimedia.org
Source: global trafficDNS traffic detected: DNS query: www.reddit.com
Source: global trafficDNS traffic detected: DNS query: twitter.com
Source: global trafficDNS traffic detected: DNS query: reddit.map.fastly.net
Source: global trafficDNS traffic detected: DNS query: services.addons.mozilla.org
Source: global trafficDNS traffic detected: DNS query: normandy.cdn.mozilla.net
Source: global trafficDNS traffic detected: DNS query: normandy-cdn.services.mozilla.com
Source: firefox.exe, 0000000D.00000003.1932171214.00000235D783D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1775029103.00000235D783D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1925858398.00000235DC5E3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1810649041.00000235D783F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1730202178.00000235DC5D9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1775029103.00000235D7847000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1810649041.00000235D7842000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: http://127.0.0.1:
Source: firefox.exe, 0000000D.00000003.1766692907.00000235E1268000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://a9.com/-/spec/opensearch/1.0/
Source: firefox.exe, 0000000D.00000003.1766692907.00000235E1268000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://a9.com/-/spec/opensearch/1.1/
Source: firefox.exe, 0000000D.00000003.1766692907.00000235E1268000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://a9.com/-/spec/opensearchdescription/1.0/
Source: firefox.exe, 0000000D.00000003.1766692907.00000235E1268000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://a9.com/-/spec/opensearchdescription/1.1/
Source: firefox.exe, 0000000D.00000003.2010639170.00000235E86F0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1537795527.00000235D44E6000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1578687988.00000235D44CF000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.13.drString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
Source: firefox.exe, 0000000D.00000003.1704476100.00000235DE147000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1461476410.00000235CB3DA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1894880868.00000235DE143000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1472083793.00000235DE143000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1465253611.00000235CB3DA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1552397597.00000235D44C4000.00000004.00000020.00020000.00000000.sdmp, fUYnz81b.part.13.drString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E
Source: firefox.exe, 0000000D.00000003.1965211941.00000235D52D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0
Source: firefox.exe, 0000000D.00000003.1965211941.00000235D52D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0B
Source: firefox.exe, 0000000D.00000003.2010639170.00000235E86F0000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.13.drString found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDCodeSigningCA.crt0
Source: firefox.exe, 0000000D.00000003.1461476410.00000235CB3DA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1735875133.00000235DC366000.00000004.00000800.00020000.00000000.sdmp, fUYnz81b.part.13.drString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crt0
Source: firefox.exe, 0000000D.00000003.1461476410.00000235CB3DA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1465253611.00000235CB3DA000.00000004.00000020.00020000.00000000.sdmp, fUYnz81b.part.13.drString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
Source: firefox.exe, 0000000D.00000003.1461476410.00000235CB3DA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1465253611.00000235CB3DA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1464201042.00000235CB3DA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1794812138.00000235D628B000.00000004.00000800.00020000.00000000.sdmp, fUYnz81b.part.13.drString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
Source: firefox.exe, 0000000D.00000003.2045350133.00000235E69E1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1961844704.00000235D5585000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ciscobinary.openh264.org
Source: firefox.exe, 0000000D.00000003.1967127632.00000235D4ED4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ciscobinary.openh264.org/
Source: firefox.exe, 0000000D.00000003.1938697637.00000235D6B38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ciscobinary.openh264.org/openh264-android-aarch64-42954cf0fe8a2bdc97fdc180462a3eaefceb035f.zi
Source: firefox.exe, 0000000D.00000003.1938697637.00000235D6B38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ciscobinary.openh264.org/openh264-android-arm-42954cf0fe8a2bdc97fdc180462a3eaefceb035f.zip
Source: firefox.exe, 0000000D.00000003.1938697637.00000235D6B38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ciscobinary.openh264.org/openh264-android-x86-42954cf0fe8a2bdc97fdc180462a3eaefceb035f.zip
Source: firefox.exe, 0000000D.00000003.1938697637.00000235D6B38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ciscobinary.openh264.org/openh264-android-x86_64-42954cf0fe8a2bdc97fdc180462a3eaefceb035f.zip
Source: firefox.exe, 0000000D.00000003.1938697637.00000235D6B38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ciscobinary.openh264.org/openh264-linux32-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
Source: firefox.exe, 0000000D.00000003.1938697637.00000235D6B38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
Source: firefox.exe, 0000000D.00000003.1938697637.00000235D6B38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ciscobinary.openh264.org/openh264-macosx64-2e1774ab6dc6c43debb0b5b628bdf122a391d521-2.zip
Source: firefox.exe, 0000000D.00000003.1938697637.00000235D6B38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ciscobinary.openh264.org/openh264-macosx64-aarch64-2e1774ab6dc6c43debb0b5b628bdf122a391d521-2
Source: firefox.exe, 0000000D.00000003.1938697637.00000235D6B38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ciscobinary.openh264.org/openh264-win32-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
Source: firefox.exe, 0000000D.00000003.2045350133.00000235E69E1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.2027345586.00000235DDE23000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
Source: firefox.exe, 0000000D.00000003.1938697637.00000235D6B38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ciscobinary.openh264.org/openh264-win64-aarch64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
Source: firefox.exe, 0000000D.00000003.1981437914.00000235D23A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://compose.mail.yahoo.co.jp/ym/Compose?To=%ss
Source: firefox.exe, 0000000D.00000003.1965211941.00000235D52D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl.rootca1.amazontrust.com/rootca1.crl0
Source: firefox.exe, 0000000D.00000003.2001774617.00000235E0D3C000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.13.drString found in binary or memory: http://crl.thawte.com/ThawteTimestampingCA.crl0
Source: firefox.exe, 0000000D.00000003.1704476100.00000235DE147000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1461476410.00000235CB3DA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1894880868.00000235DE143000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1472083793.00000235DE143000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1465253611.00000235CB3DA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1552397597.00000235D44C4000.00000004.00000020.00020000.00000000.sdmp, fUYnz81b.part.13.drString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0
Source: firefox.exe, 0000000D.00000003.2010639170.00000235E86F0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1537795527.00000235D44E6000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1578687988.00000235D44CF000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.13.drString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0O
Source: firefox.exe, 0000000D.00000003.1965211941.00000235D52D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl07
Source: firefox.exe, 0000000D.00000003.1965211941.00000235D52D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl0=
Source: firefox.exe, 0000000D.00000003.1461476410.00000235CB3DA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1735875133.00000235DC366000.00000004.00000800.00020000.00000000.sdmp, fUYnz81b.part.13.drString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0S
Source: firefox.exe, 0000000D.00000003.1461476410.00000235CB3DA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1465253611.00000235CB3DA000.00000004.00000020.00020000.00000000.sdmp, fUYnz81b.part.13.drString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
Source: fUYnz81b.part.13.drString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
Source: firefox.exe, 0000000D.00000003.2010639170.00000235E86F0000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.13.drString found in binary or memory: http://crl3.digicert.com/sha2-assured-cs-g1.crl05
Source: firefox.exe, 0000000D.00000003.2010639170.00000235E86F0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1537795527.00000235D44E6000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1578687988.00000235D44CF000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.13.drString found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
Source: firefox.exe, 0000000D.00000003.1965211941.00000235D52D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootCA.crl00
Source: firefox.exe, 0000000D.00000003.1461476410.00000235CB3DA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1735875133.00000235DC366000.00000004.00000800.00020000.00000000.sdmp, fUYnz81b.part.13.drString found in binary or memory: http://crl4.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0=
Source: firefox.exe, 0000000D.00000003.2010639170.00000235E86F0000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.13.drString found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0L
Source: firefox.exe, 0000000D.00000003.1965211941.00000235D52D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crt.rootca1.amazontrust.com/rootca1.cer0?
Source: firefox.exe, 0000000D.00000003.1480253579.00000235E10EA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1703439755.00000235E3D98000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1724004686.00000235DDEDD000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1961844704.00000235D5585000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1474791774.00000235D60BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com
Source: firefox.exe, 0000000D.00000003.1716970660.00000235E1032000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/
Source: firefox.exe, 0000000D.00000003.1715483786.00000235E5CDE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/canonical.html
Source: firefox.exe, 0000000D.00000003.1794812138.00000235D628B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/success.txt?ipv4
Source: firefox.exe, 0000000D.00000003.1704476100.00000235DE11D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/success.txt?ipv6
Source: firefox.exe, 0000000D.00000003.1956952716.00000235D60D0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1800380603.00000235D60CF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com0
Source: firefox.exe, 0000000D.00000003.1619363429.00000235E657B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://developer.mozilla.org/en/docs/DOM:element.addEventListenerUseOfReleaseEventsWarningUse
Source: firefox.exe, 0000000D.00000003.1619363429.00000235E657B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://developer.mozilla.org/en/docs/DOM:element.removeEventListener
Source: firefox.exe, 0000000D.00000003.1424716881.00000235CB331000.00000004.00000020.00020000.00000000.sdmp, OpenWith.exe, 00000014.00000003.2296806738.000001975FD97000.00000004.00000020.00020000.00000000.sdmp, OpenWith.exe, 00000014.00000003.2296291315.000001975FD97000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://en.w
Source: firefox.exe, 0000000D.00000003.1766692907.00000235E12AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://json-schema.org/draft-04/schema#
Source: firefox.exe, 0000000D.00000003.1766692907.00000235E12AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://json-schema.org/draft-06/schema#
Source: firefox.exe, 0000000D.00000003.1766692907.00000235E12AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://json-schema.org/draft-07/schema#-
Source: firefox.exe, 0000000D.00000003.1860919846.00000DE7ED103000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.o
Source: firefox.exe, 0000000D.00000003.1860919846.00000DE7ED103000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.oZ
Source: firefox.exe, 0000000D.00000003.1766692907.00000235E12AB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1571466917.00000235E11E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org
Source: firefox.exe, 0000000D.00000003.1860919846.00000DE7ED103000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1651111009.000021F660E03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1856420978.000010E372203000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1852101331.000015F6B2603000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1967127632.00000235D4EF0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1646870911.000024F1B6803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/
Source: firefox.exe, 0000000D.00000003.1860919846.00000DE7ED103000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1852101331.000015F6B2603000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/%
Source: firefox.exe, 0000000D.00000003.1651111009.000021F660E03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1646870911.000024F1B6803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/0S
Source: firefox.exe, 0000000D.00000003.1943633536.00000235D66A5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1782228924.00000235D66A5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1520757523.00000235E4AF2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1889767951.00000235D2472000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1929418398.00000235DC344000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1699120127.00000235D4583000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1785521245.00000235D652C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1472978374.00000235DDEF4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1595242635.00000235E684B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1809354335.00000235DE2C6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1777578922.00000235D77B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1777499154.00000235D77D8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1679607476.00000235D4D14000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1595242635.00000235E688F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1740646088.00000235D77A0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1777990715.00000235D7781000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1838458529.00000235D6BBE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1477761920.00000235DC4DE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.2004207999.00000235DDEF4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1740646088.00000235D7780000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1537806704.00000235E4783000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/MPL/2.0/.
Source: firefox.exe, 0000000D.00000003.1860919846.00000DE7ED103000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1651111009.000021F660E03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1646870911.000024F1B6803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/Z
Source: fUYnz81b.part.13.drString found in binary or memory: http://nsis.sf.net/NSIS_ErrorError
Source: firefox.exe, 0000000D.00000003.1965211941.00000235D52D0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1461476410.00000235CB3DA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1735875133.00000235DC366000.00000004.00000800.00020000.00000000.sdmp, fUYnz81b.part.13.drString found in binary or memory: http://ocsp.digicert.com0
Source: firefox.exe, 0000000D.00000003.1461476410.00000235CB3DA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1465253611.00000235CB3DA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1464201042.00000235CB3DA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1794812138.00000235D628B000.00000004.00000800.00020000.00000000.sdmp, fUYnz81b.part.13.drString found in binary or memory: http://ocsp.digicert.com0A
Source: firefox.exe, 0000000D.00000003.1704476100.00000235DE147000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1461476410.00000235CB3DA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.2010639170.00000235E86F0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1537795527.00000235D44E6000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1578687988.00000235D44CF000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1894880868.00000235DE143000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1472083793.00000235DE143000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1465253611.00000235CB3DA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1552397597.00000235D44C4000.00000004.00000020.00020000.00000000.sdmp, fUYnz81b.part.13.dr, gmpopenh264.dll.tmp.13.drString found in binary or memory: http://ocsp.digicert.com0C
Source: firefox.exe, 0000000D.00000003.2010639170.00000235E86F0000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.13.drString found in binary or memory: http://ocsp.digicert.com0N
Source: firefox.exe, 0000000D.00000003.1461476410.00000235CB3DA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1465253611.00000235CB3DA000.00000004.00000020.00020000.00000000.sdmp, fUYnz81b.part.13.drString found in binary or memory: http://ocsp.digicert.com0X
Source: firefox.exe, 0000000D.00000003.1965211941.00000235D52D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.rootca1.amazontrust.com0:
Source: firefox.exe, 0000000D.00000003.2001774617.00000235E0D3C000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.13.drString found in binary or memory: http://ocsp.thawte.com0
Source: firefox.exe, 0000000D.00000003.1981437914.00000235D23A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://poczta.interia.pl/mh/?mailto=%sw
Source: firefox.exe, 0000000D.00000003.1472083793.00000235DE143000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://r3.i.lencr.org/0W
Source: firefox.exe, 0000000D.00000003.1472083793.00000235DE143000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://r3.o.lencr.org0
Source: firefox.exe, 0000000D.00000003.2010639170.00000235E86F0000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.13.drString found in binary or memory: http://ts-aia.ws.symantec.com/tss-ca-g2.cer0
Source: firefox.exe, 0000000D.00000003.2010639170.00000235E86F0000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.13.drString found in binary or memory: http://ts-crl.ws.symantec.com/tss-ca-g2.crl0(
Source: firefox.exe, 0000000D.00000003.2010639170.00000235E86F0000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.13.drString found in binary or memory: http://ts-ocsp.ws.symantec.com07
Source: firefox.exe, 0000000D.00000003.1981437914.00000235D23A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://win.mail.ru/cgi-bin/sentmsg?mailto=%sy
Source: firefox.exe, 0000000D.00000003.1461476410.00000235CB3DA000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1735875133.00000235DC366000.00000004.00000800.00020000.00000000.sdmp, fUYnz81b.part.13.drString found in binary or memory: http://www.digicert.com/CPS0
Source: firefox.exe, 0000000D.00000003.2033859185.00000235CB395000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.2030900178.00000235CB395000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.2032144843.00000235CB395000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.com
Source: firefox.exe, 0000000D.00000003.2032144843.00000235CB395000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.2036353004.00000235CB396000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.com/designers
Source: firefox.exe, 0000000D.00000003.2030900178.00000235CB395000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.com/designers/
Source: firefox.exe, 0000000D.00000003.2033859185.00000235CB395000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.2030900178.00000235CB395000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.2032144843.00000235CB395000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.2036353004.00000235CB396000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.com/designers/5
Source: firefox.exe, 0000000D.00000003.2030900178.00000235CB395000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.com5
Source: firefox.exe, 0000000D.00000003.2033859185.00000235CB395000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.2037761055.00000235CB396000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.2036353004.00000235CB396000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.comn-u
Source: firefox.exe, 0000000D.00000003.1981437914.00000235D23A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.inbox.lv/rfc2368/?value=%su
Source: firefox.exe, 0000000D.00000003.2001774617.00000235E0D3C000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.13.drString found in binary or memory: http://www.mozilla.com0
Source: firefox.exe, 0000000D.00000003.1651120859.00000235E4954000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/2005/app-updatex
Source: firefox.exe, 0000000D.00000003.1766692907.00000235E1268000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/2006/browser/search/
Source: firefox.exe, 0000000D.00000003.1803041232.00000235D5FE7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1973545705.00000235D467B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1474791774.00000235D60BE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1970936890.00000235D4C25000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul
Source: firefox.exe, 0000000F.00000003.1460229990.0000014A6CCFC000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2447492887.0000014A6CCFC000.00000004.00000020.00020000.00000000.sdmp, mozilla-temp-41.13.drString found in binary or memory: http://www.videolan.org/x264.html
Source: firefox.exe, 0000000D.00000003.1965211941.00000235D52D0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1472083793.00000235DE143000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.c.lencr.org/0
Source: firefox.exe, 0000000D.00000003.1965211941.00000235D52D0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1472083793.00000235DE143000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.i.lencr.org/0
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://%LOCALE%.malware-error.mozilla.com/?url=
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://%LOCALE%.phish-error.mozilla.com/?url=
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://%LOCALE%.phish-report.mozilla.com/?url=
Source: firefox.exe, 0000000D.00000003.1419463127.00000235D2416000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1419114127.00000235D1F00000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ac.duckduckgo.com/ac/
Source: firefox.exe, 0000000D.00000003.1740009226.00000235D77FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://account.bellmedia.c
Source: firefox.exe, 0000000D.00000003.1748521730.00000235E6367000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.firefox.com
Source: firefox.exe, 0000000D.00000003.1929418398.00000235DC359000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1748207004.00000235E6376000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.2032755528.00000235E6376000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1997081063.00000235E6376000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://accounts.firefox.com/
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://accounts.firefox.com/settings/clients
Source: firefox.exe, 0000000D.00000003.1472083793.00000235DE170000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.firefox.comK
Source: firefox.exe, 0000000D.00000003.1417274301.00000235D235D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/%APP%/blocked-addon/%addonID%/%addonVersion%/
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/language-tools/
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/search-engines/
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/search?q=%TERMS%&platform=%OS%&appver=%VERSION%
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/%LOCALE%/firefox/themes
Source: firefox.exe, 0000000D.00000003.1763391492.00000235E5C55000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/enhancer-for-youtube/
Source: firefox.exe, 0000000D.00000003.1763391492.00000235E5C55000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/facebook-container/
Source: firefox.exe, 0000000D.00000003.1763391492.00000235E5C55000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/reddit-enhancement-suite/
Source: firefox.exe, 0000000D.00000003.1763391492.00000235E5C55000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/to-google-translate/
Source: firefox.exe, 0000000D.00000003.1763391492.00000235E5C55000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org/firefox/addon/wikipedia-context-menu-search/
Source: firefox.exe, 0000000D.00000003.1744359109.00000235D6B84000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1936634114.00000235D6B9B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1815989859.00000235D6B99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ads-us.rd.linksynergy.com/as.php
Source: firefox.exe, 0000000D.00000003.1964225729.00000235D52E8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1727733318.00000235DD986000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ads.stickyadstv.com/firefox-etp
Source: firefox.exe, 0000000D.00000003.1474256065.00000235DC532000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://allegro.pl/
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://api.accounts.firefox.com/v1
Source: firefox.exe, 0000000D.00000003.1763391492.00000235E5C55000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://app.adjust.com/167k4ih?campaign=firefox-desktop&adgroup=pb&creative=focus-omc172&redirect=ht
Source: firefox.exe, 0000000D.00000003.1763391492.00000235E5C55000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://app.adjust.com/a8bxj8j?campaign=firefox-desktop&adgroup=pb&creative=focus-omc172&redirect=ht
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://apps.apple.com/app/firefox-private-safe-browser/id989804926
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://apps.apple.com/us/app/firefox-private-network-vpn/id1489407738
Source: firefox.exe, 0000000D.00000003.1979458102.00000235D312E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1732840124.00000235DC528000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1927932289.00000235DC532000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org
Source: firefox.exe, 0000000D.00000003.1686310267.00000235E5CFE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/3/GMP/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/%OS_VER
Source: firefox.exe, 0000000D.00000003.1895792391.00000235DD9E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/3/GMP/118.0.1/20230927232528/WINNT_x86_64-msvc-x64/en-US/release/Win
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/3/SystemAddons/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL
Source: firefox.exe, 0000000D.00000003.1895792391.00000235DD9E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/3/SystemAddons/118.0.1/20230927232528/WINNT_x86_64-msvc-x64/en-US/re
Source: firefox.exe, 0000000D.00000003.1747594146.00000235E638A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1473650318.00000235DC5EB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1730202178.00000235DC5D9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1755810257.00000235D676E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1621527108.00000235E6389000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/6/Firefox/118.0.1/20230927232528/WINNT_x86_64-msvc-x64/en-US/release
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://blocked.cdn.mozilla.net/
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://blocked.cdn.mozilla.net/%blockID%.html
Source: firefox.exe, 0000000D.00000003.1986455951.00000235CFEB9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1789218347.00000235D643C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2426790737.000002BC173E4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2431335485.0000014A6BFE9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.2440991208.000001D64A703000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.13.drString found in binary or memory: https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&ci=1696581201119.12791&key=1696581201400600
Source: firefox.exe, 0000000D.00000003.1986455951.00000235CFEB9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1789218347.00000235D643C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2426790737.000002BC173E4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2431335485.0000014A6BFE9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.2440991208.000001D64A703000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.13.drString found in binary or memory: https://bridge.sfo1.ap01.net/ctp?version=16.0.0&ci=1696581201119.12791&key=1696581201400600000.1&cta
Source: firefox.exe, 0000000D.00000003.1762172110.00000235E5C6F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mo
Source: firefox.exe, 0000000D.00000003.1525555428.00000235E4C97000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1526894887.00000235E4C9F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1189266
Source: firefox.exe, 0000000D.00000003.1525555428.00000235E4C97000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1193802
Source: firefox.exe, 0000000D.00000003.1525555428.00000235E4C68000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1525555428.00000235E4C78000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1526370218.00000235E4C5E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1526894887.00000235E4C7F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1526894887.00000235E4C6C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1207993
Source: firefox.exe, 0000000D.00000003.1525555428.00000235E4C68000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1266220
Source: firefox.exe, 0000000D.00000003.1525555428.00000235E4C78000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1283601
Source: firefox.exe, 0000000D.00000003.1472978374.00000235DDED8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1539075
Source: firefox.exe, 0000000D.00000003.1472978374.00000235DDED8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1584464
Source: firefox.exe, 0000000D.00000003.1472978374.00000235DDED8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1607439
Source: firefox.exe, 0000000D.00000003.1472978374.00000235DDED8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1616739
Source: firefox.exe, 0000000D.00000003.1525555428.00000235E4C97000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1525555428.00000235E4C78000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1678448
Source: firefox.exe, 0000000D.00000003.1685951916.00000235E4A14000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1694699#c21
Source: firefox.exe, 0000000D.00000003.1525555428.00000235E4C78000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1526894887.00000235E4C9C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=792480
Source: firefox.exe, 0000000D.00000003.1525555428.00000235E4C68000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1525555428.00000235E4C78000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=809550
Source: firefox.exe, 0000000D.00000003.1525555428.00000235E4C78000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1526370218.00000235E4C5E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1526894887.00000235E4C6C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=840161
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://color.firefox.com/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_content=theme-f
Source: firefox.exe, 0000000D.00000003.1419463127.00000235D2416000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1419114127.00000235D1F00000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://completion.amazon.com/search/complete?q=
Source: firefox.exe, 0000000D.00000003.1956525604.00000235D60E1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1799858044.00000235D60E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://content-signature-2.cdn.mozilla.net
Source: firefox.exe, 0000000D.00000003.1731972168.00000235DC57E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://content-signature-2.cdn.mozilla.net/
Source: firefox.exe, 0000000D.00000003.1724180654.00000235DDE81000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-202
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://content.cdn.mozilla.net
Source: firefox.exe, 0000000D.00000003.1986455951.00000235CFEB9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1789218347.00000235D643C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2426790737.000002BC173E4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2431335485.0000014A6BFE9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.2440991208.000001D64A703000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.13.drString found in binary or memory: https://contile-images.services.mozilla.com/T23eBL4EHswiSaF6kya2gYsRHvdfADK-NYjs1mVRNGE.3351.jpg
Source: firefox.exe, 0000000D.00000003.1986455951.00000235CFEB9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1789218347.00000235D643C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2426790737.000002BC173E4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2431335485.0000014A6BFE9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.2440991208.000001D64A703000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.13.drString found in binary or memory: https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg
Source: firefox.exe, 0000000D.00000003.1734342180.00000235DC3CB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1928870371.00000235DC3CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contile.services.mozilla.com
Source: firefox.exe, 0000000D.00000003.1782228924.00000235D66A5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contile.services.mozilla.com/
Source: firefox.exe, 0000000D.00000003.2005425240.00000235DDEA5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://contile.services.mozilla.com/v1/tiles
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://coverage.mozilla.org
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://crash-stats.mozilla.org/report/index/
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://dap-02.api.divviup.org
Source: firefox.exe, 0000000D.00000003.1649449106.00000235E5B79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1894256239.00000235E5B82000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1766530172.00000235E5B82000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1687463759.00000235E5B82000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://datastudio.google.com/embed/reporting/
Source: firefox.exe, 0000000D.00000003.1619363429.00000235E657B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Mozilla/Add-ons/WebExtensions/API/tabs/captureTabMozRequestFullSc
Source: firefox.exe, 0000000D.00000003.1619363429.00000235E657B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/releasePointerCapture
Source: firefox.exe, 0000000D.00000003.1619363429.00000235E657B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/releasePointerCaptureWebExtensionUncheckedLastErr
Source: firefox.exe, 0000000D.00000003.1619363429.00000235E657B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Element/setPointerCaptureElementReleaseCaptureWarningElem
Source: firefox.exe, 0000000D.00000003.1619363429.00000235E657B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/docs/Web/API/Push_API/Using_the_Push_API#EncryptionPreventDefaultFromP
Source: firefox.exe, 0000000D.00000003.1731063556.00000235DC5B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Glossary/speculative_parsingDocumentWriteIgnored
Source: firefox.exe, 0000000D.00000003.1516198035.00000235E47DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Mozilla/Tech/XPCOM/Reference/Interface/nsIEffectiveTLDServi
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://developers.google.com/safe-browsing/v4/advisory
Source: firefox.exe, 0000000D.00000003.1716238356.00000235E4941000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1653138282.00000235E4941000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1518132796.00000235E4AFE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1419463127.00000235D2416000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1703234495.00000235E4941000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1419114127.00000235D1F00000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/
Source: firefox.exe, 0000000D.00000003.1421120827.00000235D1C33000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1981092853.00000235D23AA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1640706276.00000235D1C3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://e.mail.ru/cgi-bin/sentmsg?mailto=%s
Source: firefox.exe, 0000000D.00000003.1981437914.00000235D23A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://e.mail.ru/cgi-bin/sentmsg?mailto=%sz
Source: firefox.exe, 0000000D.00000003.1981437914.00000235D23A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://e.mail.ru/cgi-bin/sentmsg?mailto=%szw
Source: firefox.exe, 0000000D.00000003.1421120827.00000235D1C33000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1981092853.00000235D23AA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1421771021.00000235D1C3C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1640706276.00000235D1C3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://email.seznam.cz/newMessageScreen?mailto=%s
Source: firefox.exe, 0000000D.00000003.1619363429.00000235E657B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://extensionworkshop.com/documentation/publish/self-distribution/SelectOptionsLengthAssignmentW
Source: firefox.exe, 0000000D.00000003.1773973362.00000235DC1A9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1930074135.00000235DC1A1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1737424352.00000235DC18F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1472083793.00000235DE182000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2431335485.0000014A6BF12000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.2427825243.000001D64A513000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-api-proxy.cdn.mozilla.net/
Source: firefox.exe, 0000000D.00000003.1883378764.00000235E1189000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/ms-images/673d2808-e5d8-41b9-957
Source: firefox.exe, 0000000D.00000003.1484635852.00000235E11B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1484252913.00000235E11E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-settings-attachments.cdn.mozilla.net/main-workspace/ms-images/706c7a85-cf23-442e-8a9
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://firefox-source-docs.mozilla.org/networking/dns/trr-skip-reasons.html#
Source: firefox.exe, 0000000D.00000003.1617211949.00000235E6A67000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com
Source: firefox.exe, 0000000D.00000003.1715483786.00000235E5CDE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/
Source: firefox.exe, 0000000D.00000003.1760114331.00000235E5CB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/
Source: firefox.exe, 0000000D.00000003.1894046729.00000235E5CF5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expe
Source: firefox.exe, 0000000D.00000003.1981437914.00000235D2308000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?colle
Source: firefox.exe, 0000000D.00000003.1981437914.00000235D2351000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://fpn.firefox.com
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://fpn.firefox.com/browser?utm_source=firefox-desktop&utm_medium=referral&utm_campaign=about-pr
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://ftp.mozilla.org/pub/labs/devtools/adb-extension/#OS#/adb-extension-latest-#OS#.xpi
Source: firefox.exe, 0000000D.00000003.1773973362.00000235DC1A9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1930074135.00000235DC1A1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1737424352.00000235DC18F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1472083793.00000235DE182000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2431335485.0000014A6BF12000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.2427825243.000001D64A513000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/
Source: firefox.exe, 00000010.00000002.2427825243.000001D64A5C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=$apiKey&locale_lang=
Source: firefox.exe, 00000010.00000002.2427825243.000001D64A5C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/firefox/trending-topics?version=2&consumer_key=$apiKey&locale_l
Source: firefox.exe, 00000010.00000002.2427825243.000001D64A530000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/newtab/layout?version=1&consumer_key=$apiKey&layout_variant=bas
Source: firefox.exe, 0000000D.00000003.1734528325.00000235DC397000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/career?utm_source=pocket-newtabL
Source: firefox.exe, 0000000D.00000003.1734528325.00000235DC397000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/entertainment?utm_source=pocket-newtabC
Source: firefox.exe, 0000000D.00000003.1734528325.00000235DC397000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/food?utm_source=pocket-newtabA
Source: firefox.exe, 0000000D.00000003.1734528325.00000235DC397000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/health?utm_source=pocket-newtabE
Source: firefox.exe, 0000000D.00000003.1734528325.00000235DC397000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/science?utm_source=pocket-newtabG
Source: firefox.exe, 0000000D.00000003.1734528325.00000235DC397000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/self-improvement?utm_source=pocket-newtab?
Source: firefox.exe, 0000000D.00000003.1734528325.00000235DC397000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/technology?utm_source=pocket-newtabN
Source: firefox.exe, 00000010.00000002.2427825243.000001D64A5C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/trending?src=fx_new_tab
Source: firefox.exe, 0000000D.00000003.1472083793.00000235DE182000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/trending?src=fx_new_tabL
Source: firefox.exe, 0000000D.00000003.1734528325.00000235DC397000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore?utm_source=pocket-newtabI
Source: firefox.exe, 0000000D.00000003.1734528325.00000235DC37D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/firefox/new_tab_learn_more
Source: firefox.exe, 0000000D.00000003.1734528325.00000235DC397000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/firefox/new_tab_learn_more/
Source: firefox.exe, 00000010.00000002.2427825243.000001D64A5C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/recommendations
Source: firefox.exe, 0000000D.00000003.1472083793.00000235DE182000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/recommendationsS
Source: firefox.exe, 0000000D.00000003.1472083793.00000235DE182000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/recommendationsS7
Source: firefox.exe, 0000000D.00000003.1472083793.00000235DE182000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/v3/newtab/layout?version=1&consumer_key=$apiKey&layout_variant=basic
Source: firefox.exe, 0000000D.00000003.1477761920.00000235DC4DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/lit/lit/blob/main/packages/reactive-element/src/decorators/query-all.ts
Source: firefox.exe, 0000000D.00000003.1477761920.00000235DC4DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/lit/lit/blob/main/packages/reactive-element/src/decorators/query.ts
Source: firefox.exe, 0000000D.00000003.1419463127.00000235D2416000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1419114127.00000235D1F00000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/mozilla-services/screenshots
Source: firefox.exe, 0000000D.00000003.1472978374.00000235DDED8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/w3c/csswg-drafts/blob/master/css-grid-2/MASONRY-EXPLAINER.md
Source: firefox.exe, 0000000D.00000003.1472978374.00000235DDED8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/w3c/csswg-drafts/issues/4650
Source: firefox.exe, 0000000D.00000003.1472083793.00000235DE182000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/zertosh/loose-envify)
Source: firefox.exe, 0000000D.00000003.1472978374.00000235DDED8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://gpuweb.github.io/gpuweb/
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://helper1.dap.cloudflareresearch.com/v02
Source: firefox.exe, 0000000D.00000003.1646870911.000024F1B6803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ib.absa.co.za/
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://ideas.mozilla.org/
Source: firefox.exe, 0000000D.00000003.1748853267.00000235E6323000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/apps/oldsyncS
Source: firefox.exe, 0000000D.00000003.1627217897.00000235E4D77000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/apps/relay
Source: firefox.exe, 0000000D.00000003.1748853267.00000235E6323000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/cmd/H
Source: firefox.exe, 0000000D.00000003.1748853267.00000235E6323000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/cmd/HCX
Source: firefox.exe, 0000000D.00000003.1748853267.00000235E6323000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/ids/ecosystem_telemetryU
Source: firefox.exe, 0000000D.00000003.1748853267.00000235E6323000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://identity.mozilla.com/ids/ecosystem_telemetryUFj
Source: firefox.exe, 0000000D.00000003.1734528325.00000235DC397000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://img-getpocket.cdn.mozilla.net/X
Source: prefs-1.js.13.drString found in binary or memory: https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4CLXfQbX4pbW4QbWfpbW7ReNxR3UIG8zInwYIFIVs9eYi
Source: firefox.exe, 0000000D.00000003.1636730578.00000235E6565000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org
Source: firefox.exe, 00000010.00000002.2427825243.000001D64A5F4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit
Source: firefox.exe, 0000000D.00000003.1646867908.00000235E5BDB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/firefox-desktop/events/1/e570726a-483e-4c33-b3ee-fc104
Source: firefox.exe, 0000000D.00000003.1624172617.00000235E6AB0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1703439755.00000235E3D8C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/firefox-desktop/messaging-system/1/cc17ce6f-06b5-463f-
Source: firefox.exe, 0000000D.00000003.1732570987.00000235DC554000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/firefox-desktop/metrics/1/373a60b0-3d68-4c00-a1dc-2eeb
Source: firefox.exe, 0000000D.00000003.1624172617.00000235E6AB0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/messaging-system/undesired-events/1/12eb4c46-df3a-474a
Source: firefox.exe, 0000000D.00000003.1624172617.00000235E6AB0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/messaging-system/undesired-events/1/46ff1faa-16a4-4c55
Source: firefox.exe, 0000000D.00000003.1472083793.00000235DE182000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submits
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://install.mozilla.org
Source: firefox.exe, 0000000D.00000003.1716970660.00000235E101B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2019-09/schema
Source: firefox.exe, 0000000D.00000003.1766692907.00000235E12AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2019-09/schema.
Source: firefox.exe, 0000000D.00000003.1766692907.00000235E12AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2019-09/schema./
Source: firefox.exe, 0000000D.00000003.1766692907.00000235E12AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2020-12/schema/
Source: firefox.exe, 0000000D.00000003.1766692907.00000235E12AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2020-12/schema/=
Source: firefox.exe, 0000000D.00000003.1967127632.00000235D4ED4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://location.services.mozilla.com/
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://location.services.mozilla.com/v1/country?key=%MOZILLA_API_KEY%
Source: firefox.exe, 0000000D.00000003.1894046729.00000235E5CF5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://location.services.mozilla.com/v1/country?key=7e40f68c-7938-4c5d-9f95-e61647c213eb
Source: firefox.exe, 0000000D.00000003.1740009226.00000235D77FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.live.com
Source: firefox.exe, 0000000D.00000003.1740646088.00000235D774D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1707062090.00000235DE111000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.microsoftonline.com
Source: firefox.exe, 0000000D.00000003.1649449106.00000235E5B79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1894256239.00000235E5B82000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1766530172.00000235E5B82000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1687463759.00000235E5B82000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lookerstudio.google.com/embed/reporting/
Source: firefox.exe, 0000000D.00000003.1421120827.00000235D1C33000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1981092853.00000235D23AA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1421771021.00000235D1C3C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1640706276.00000235D1C3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.google.com/mail/?extsrc=mailto&url=%s
Source: firefox.exe, 0000000D.00000003.1421120827.00000235D1C33000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1981092853.00000235D23AA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1640706276.00000235D1C3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.inbox.lv/compose?to=%s
Source: firefox.exe, 0000000D.00000003.1981437914.00000235D23A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.inbox.lv/compose?to=%sv
Source: firefox.exe, 0000000D.00000003.1421120827.00000235D1C33000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1981092853.00000235D23AA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1640706276.00000235D1C3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.yahoo.co.jp/compose/?To=%s
Source: firefox.exe, 0000000D.00000003.1981437914.00000235D23A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.yahoo.co.jp/compose/?To=%st
Source: firefox.exe, 0000000D.00000003.1595242635.00000235E689E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mathiasbynens.be/
Source: firefox.exe, 0000000D.00000003.1595242635.00000235E689E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mathiasbynens.be/notes/javascript-encoding#surrogate-formulae
Source: firefox.exe, 0000000D.00000003.1595242635.00000235E689E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mathiasbynens.be/notes/javascript-escapes#single
Source: firefox.exe, 00000010.00000002.2427825243.000001D64A58F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://merino.services.mozilla.com/api/v1/suggest
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://mitmdetection.services.mozilla.com/
Source: firefox.exe, 0000000D.00000003.1417274301.00000235D235D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/?entrypoint=protection_report_monitor&utm_source=about-protections
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/about
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/breach-details/
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/oauth/init?entrypoint=protection_report_monitor&utm_source=about-protect
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/user/breach-stats?includeResolved=true
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/user/dashboard
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com/user/preferences
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://mozilla-ohttp-fakespot.fastly-edge.com/
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://mozilla.cloudflare-dns.com/dns-query
Source: firefox.exe, 0000000D.00000003.1595242635.00000235E689E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mths.be/jsesc
Source: firefox.exe, 0000000D.00000003.1979871458.00000235D23C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://normandy.cdn.mozilla.net
Source: firefox.exe, 0000000D.00000003.1967127632.00000235D4EF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://normandy.cdn.mozilla.net/
Source: firefox.exe, 0000000D.00000003.1895792391.00000235DD9E1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://normandy.cdn.mozilla.net/api/v1
Source: firefox.exe, 0000000D.00000003.1967127632.00000235D4EF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://normandy.cdn.mozilla.net/api/v1/
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://oauth.accounts.firefox.com/v1
Source: firefox.exe, 0000000D.00000003.1785521245.00000235D6558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ok.ru/
Source: firefox.exe, 0000000D.00000003.1421120827.00000235D1C33000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1981092853.00000235D23AA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1421771021.00000235D1C3C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1640706276.00000235D1C3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://outlook.live.com/default.aspx?rru=compose&to=%s
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://play.google.com/store/apps/details?id=org.mozilla.firefox&referrer=utm_source%3Dprotection_r
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://play.google.com/store/apps/details?id=org.mozilla.firefox.vpn&referrer=utm_source%3Dfirefox-
Source: firefox.exe, 0000000D.00000003.1421120827.00000235D1C33000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1981092853.00000235D23AA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1640706276.00000235D1C3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://poczta.interia.pl/mh/?mailto=%s
Source: firefox.exe, 0000000D.00000003.1981437914.00000235D23A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://poczta.interia.pl/mh/?mailto=%sx
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://prod.ohttp-gateway.prod.webservices.mozgcp.net/ohttp-configs
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://profile.accounts.firefox.com/v1
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://profiler.firefox.com
Source: firefox.exe, 0000000D.00000003.1981437914.00000235D2383000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://profiler.firefox.com/
Source: firefox.exe, 0000000D.00000003.1646867908.00000235E5BDB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://push.services.mozilla.com
Source: firefox.exe, 0000000D.00000003.1931762974.00000235DC13A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://push.services.mozilla.com/
Source: firefox.exe, 0000000D.00000003.1970936890.00000235D4C88000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.2045350133.00000235E69E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://redirector.gvt1.com
Source: firefox.exe, 0000000D.00000003.1967710085.00000235D4E4F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://redirector.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-linux-x64.zip
Source: firefox.exe, 0000000D.00000003.1967710085.00000235D4E4F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://redirector.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-mac-arm64.zip
Source: firefox.exe, 0000000D.00000003.1967710085.00000235D4E4F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://redirector.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-mac-x64.zip
Source: firefox.exe, 0000000D.00000003.1967710085.00000235D4E4F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://redirector.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-win-arm64.zip
Source: firefox.exe, 0000000D.00000003.2045350133.00000235E69E1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.2027345586.00000235DDE23000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://redirector.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-win-x64.zip
Source: firefox.exe, 0000000D.00000003.1967710085.00000235D4E4F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://redirector.gvt1.com/edgedl/widevine-cdm/4.10.2557.0-win-x86.zip
Source: firefox.exe, 0000000D.00000003.1472083793.00000235DE182000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://redux.js.org/api-reference/store#subscribe(listener)
Source: firefox.exe, 0000000D.00000003.1925858398.00000235DC5E3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1730202178.00000235DC5D9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://relay.firefox.com/accounts/profile/?utm_medium=firefox-desktop&utm_source=modal&utm_campaign
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://relay.firefox.com/api/v1/
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/diagnostic?site=
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/downloads?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/gethash?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&p
Source: firefox.exe, 0000000D.00000003.1981437914.00000235D2308000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/gethash?client=SAFEBROWSING_ID&appver=118.0&pver=2.2
Source: firefox.exe, 0000000D.00000003.1984332161.00000235D0793000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/fullHashes:find?$ct=application/x-protobuf&key=%GOOGLE_SAFEBR
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/threatHits?$ct=application/x-protobuf&key=%GOOGLE_SAFEBROWSIN
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://safebrowsing.googleapis.com/v4/threatListUpdates:fetch?$ct=application/x-protobuf&key=%GOOGL
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://sb-ssl.google.com/safebrowsing/clientreport/download?key=%GOOGLE_SAFEBROWSING_API_KEY%
Source: firefox.exe, 0000000D.00000003.1417274301.00000235D235D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://screenshots.firefox.com
Source: firefox.exe, 0000000D.00000003.1419114127.00000235D1F00000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://screenshots.firefox.com/
Source: firefox.exe, 0000000D.00000003.1516198035.00000235E47DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://searchfox.org/mozilla-central/source/toolkit/components/search/SearchUtils.jsm#145-152
Source: firefox.exe, 0000000D.00000003.1964020115.00000235D556A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/abuse/report/addon/
Source: firefox.exe, 0000000D.00000003.1762172110.00000235E5C6F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/addon
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/addon/
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/language-tools/?app=firefox&type=language&appversi
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/search/?guid=%IDS%&lang=%LOCALE%
Source: firefox.exe, 0000000D.00000003.1981437914.00000235D234B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1928204329.00000235DC3EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v4/discovery/?lang=%LOCALE%&edition=%DISTRIBUTION%
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://services.addons.mozilla.org/api/v5/addons/browser-mappings/?browser=%BROWSER%
Source: firefox.exe, 0000000D.00000003.1691791503.00000235E0D7E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1719223712.00000235E0D89000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com
Source: firefox.exe, 0000000D.00000003.1746990440.00000235D6B40000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/downloads?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&pver=2.2
Source: firefox.exe, 0000000D.00000003.1728639077.00000235DD958000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/downloads?client=navclient-auto-ffox&appver=118.0&pver=2.2
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://shavar.services.mozilla.com/gethash?client=SAFEBROWSING_ID&appver=%MAJOR_VERSION%&pver=2.2
Source: firefox.exe, 0000000D.00000003.1964225729.00000235D52E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://smartblock.firefox.etp/facebook.svg
Source: firefox.exe, 0000000D.00000003.1964225729.00000235D52E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://smartblock.firefox.etp/play.svg
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://snippets.cdn.mozilla.net/%STARTPAGE_VERSION%/%NAME%/%VERSION%/%APPBUILDID%/%BUILD_TARGET%/%L
Source: firefox.exe, 0000000D.00000003.1480253579.00000235E10F4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1734528325.00000235DC371000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com
Source: firefox.exe, 0000000D.00000003.1722788363.00000235DE1DE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1472083793.00000235DE182000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2431335485.0000014A6BF12000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.2427825243.000001D64A513000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/
Source: firefox.exe, 0000000D.00000003.1472083793.00000235DE182000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs
Source: firefox.exe, 0000000D.00000003.1734528325.00000235DC397000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs#
Source: firefox.exe, 0000000D.00000003.1734528325.00000235DC397000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs#l
Source: firefox.exe, 0000000D.00000003.1752087951.00000235DDE56000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1725578068.00000235DDE51000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.2021061618.00000235DDE55000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1472083793.00000235DE182000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2431335485.0000014A6BFC6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.2427825243.000001D64A5F4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/user
Source: firefox.exe, 0000000D.00000003.1727733318.00000235DD986000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.adsafeprotected.com/firefox-etp-js
Source: firefox.exe, 0000000D.00000003.1727733318.00000235DD986000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.adsafeprotected.com/firefox-etp-pixel
Source: places.sqlite-wal.13.drString found in binary or memory: https://support.mozilla.org
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cross-site-tracking-report
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cryptominers-report
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/fingerprinters-report
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/firefox-relay-integration
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/password-manager-report
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/search-engine-removal
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/send-tab
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/shield
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/social-media-tracking-report
Source: firefox.exe, 0000000D.00000003.1887131482.00000235D1F35000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/switching-devices?utm_source=panel-def
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/tracking-content-report
Source: firefox.exe, 0000000D.00000003.1800490520.00000235D60C7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1644356738.00000235E5CB6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1824077135.00000235D60CC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1957072372.00000235D60CC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1850449082.00000235D60CC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1686378220.00000235E5BE8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1760114331.00000235E5CB6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1646867908.00000235E5BDB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1474791774.00000235D60BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/118.0.1/WINNT/en-US/
Source: firefox.exe, 0000000D.00000003.1627217897.00000235E4D77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1715957210.00000235E4D89000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/118.0.1/WINNT/en-US/firefox-relay-integration
Source: firefox.exe, 0000000D.00000003.1471427246.00000235E10F4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1690771572.00000235E10F6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1778373846.00000235E10F7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1480253579.00000235E10F4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1727733318.00000235DD971000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1703439755.00000235E3D89000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1686378220.00000235E5BF1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.2027345586.00000235DDE23000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1646867908.00000235E5BDB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/captive-portal
Source: places.sqlite-wal.13.drString found in binary or memory: https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
Source: firefox.exe, 0000000D.00000003.1619363429.00000235E657B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/fix-video-audio-problems-firefox-windowsMediaPlatformDecoderNotFoundT
Source: firefox.exe, 0000000D.00000003.1619363429.00000235E657B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/fix-video-audio-problems-firefox-windowsMediaWMFNeededTo
Source: firefox.exe, 0000000D.00000003.1557844755.00000235D61A8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/refresh-firefox-reset-add-ons-and-settings
Source: firefox.exe, 0000000D.00000003.1739496891.00000235DC156000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/refresh-firefox-reset-add-ons-and-settings2
Source: places.sqlite-wal.13.drString found in binary or memory: https://support.mozilla.org/products/firefoxgro.allizom.troppus.oGUCFCdKfd-E
Source: firefox.exe, 0000000D.00000003.1832075809.00000235E0DFC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.orgP
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://token.services.mozilla.com/1.0/sync/1.5
Source: firefox.exe, 0000000D.00000003.1619363429.00000235E657B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02#section-2
Source: firefox.exe, 0000000D.00000003.1619363429.00000235E657B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02#section-3.1
Source: firefox.exe, 0000000D.00000003.1619363429.00000235E657B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/draft-ietf-httpbis-encryption-encoding-02#section-4
Source: firefox.exe, 0000000D.00000003.1619363429.00000235E657B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tools.ietf.org/html/rfc7515#appendix-C)
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://topsites.services.mozilla.com/cid/
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://tracking-protection-issues.herokuapp.com/new
Source: firefox.exe, 0000000D.00000003.1417274301.00000235D235D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://truecolors.firefox.com
Source: firefox.exe, 0000000D.00000003.1474256065.00000235DC532000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://twitter.com/
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://versioncheck-bg.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://versioncheck.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM_ID
Source: firefox.exe, 0000000D.00000003.1785521245.00000235D6558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://vk.com/
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://vpn.mozilla.org/?utm_source=firefox-browser&utm_medium=firefox-%CHANNEL%-browser&utm_campaig
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://vpn.mozilla.org/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_campaign=about-pr
Source: firefox.exe, 0000000D.00000003.1727733318.00000235DD986000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://watch.sling.com/
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://webcompat.com/issues/new
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://webextensions.settings.services.mozilla.com/v1
Source: firefox.exe, 0000000D.00000003.1472083793.00000235DE182000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://webpack.js.org/concepts/mode/)
Source: firefox.exe, 0000000D.00000003.1785521245.00000235D6558000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1470866949.00000235DC223000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://weibo.com/
Source: firefox.exe, 0000000D.00000003.1785521245.00000235D6558000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1474256065.00000235DC532000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.aliexpress.com/
Source: firefox.exe, 0000000D.00000003.1592861492.00000235E4A88000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.ca/
Source: firefox.exe, 0000000D.00000003.1474256065.00000235DC532000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.co.uk/
Source: firefox.exe, 0000000D.00000003.1690771572.00000235E10EA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/
Source: firefox.exe, 0000000D.00000003.1986455951.00000235CFEB9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1789218347.00000235D643C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2426790737.000002BC173E4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2431335485.0000014A6BFE9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.2440991208.000001D64A703000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.13.drString found in binary or memory: https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_39e4b8f6fd6635158ad433436bdaa069841cfdf8e1989e03
Source: firefox.exe, 0000000D.00000003.1819084298.00000235E3D98000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1518132796.00000235E4AFE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1703439755.00000235E3D98000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1419463127.00000235D2416000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1419114127.00000235D1F00000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/exec/obidos/external-search/
Source: firefox.exe, 0000000D.00000003.1474256065.00000235DC532000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.de/
Source: firefox.exe, 0000000D.00000003.1474256065.00000235DC532000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.fr/
Source: firefox.exe, 0000000D.00000003.1785521245.00000235D6558000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1474256065.00000235DC532000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.avito.ru/
Source: firefox.exe, 0000000D.00000003.1785521245.00000235D6558000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1474256065.00000235DC532000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.baidu.com/
Source: firefox.exe, 0000000D.00000003.1474256065.00000235DC532000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.bbc.co.uk/
Source: firefox.exe, 0000000D.00000003.1785521245.00000235D6558000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1474256065.00000235DC532000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ctrip.com/
Source: firefox.exe, 0000000D.00000003.2010639170.00000235E86F0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1537795527.00000235D44E6000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1578687988.00000235D44CF000.00000004.00000020.00020000.00000000.sdmp, gmpopenh264.dll.tmp.13.drString found in binary or memory: https://www.digicert.com/CPS0
Source: firefox.exe, 0000000D.00000003.1474256065.00000235DC532000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ebay.co.uk/
Source: firefox.exe, 0000000D.00000003.1474256065.00000235DC532000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ebay.de/
Source: firefox.exe, 0000000D.00000003.1474256065.00000235DC532000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/
Source: firefox.exe, 0000000D.00000003.1471427246.00000235E10DD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/complete/
Source: firefox.exe, 0000000D.00000003.1459514872.00000235E118A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/complete/search
Source: firefox.exe, 0000000D.00000003.1419463127.00000235D2416000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1419114127.00000235D1F00000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/complete/search?client=firefox&q=
Source: firefox.exe, 0000000D.00000003.1931945157.00000235DC131000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1819084298.00000235E3D98000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1518132796.00000235E4AFE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1703439755.00000235E3D98000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1419463127.00000235D2416000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1419114127.00000235D1F00000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search
Source: firefox.exe, 0000000D.00000003.1621393600.00000235E63C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search?client=firefox-b-d&q=
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://www.googleapis.com/geolocation/v1/geolocate?key=%GOOGLE_LOCATION_SERVICE_API_KEY%
Source: firefox.exe, 0000000D.00000003.1785521245.00000235D6558000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1474256065.00000235DC532000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ifeng.com/
Source: firefox.exe, 0000000D.00000003.1785521245.00000235D6558000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1474256065.00000235DC532000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.iqiyi.com/
Source: firefox.exe, 0000000D.00000003.1474256065.00000235DC532000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.leboncoin.fr/
Source: firefox.exe, 0000000D.00000003.1691056936.00000235E0DC1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1719223712.00000235E0DC1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mobilesuica.com/
Source: places.sqlite-wal.13.drString found in binary or memory: https://www.mozilla.org
Source: firefox.exe, 0000000D.00000003.1724180654.00000235DDEA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1716970660.00000235E1047000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/about/legal/terms/subscription-services/
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/%VERSION%/releasenotes/?utm_source=firefox-browser&utm_medi
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/%VERSION%/tour/
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/geolocation/
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/new?reason=manual-update
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/notes
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/set-as-default/thanks/
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/firefox/xr/
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/%LOCALE%/privacy/subscription-services/
Source: firefox.exe, 0000000D.00000003.1852101331.000015F6B2603000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/Z
Source: places.sqlite-wal.13.drString found in binary or memory: https://www.mozilla.org/about/gro.allizom.www.c0yfKF26qNRb
Source: firefox.exe, 0000000D.00000003.1484635852.00000235E11B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1484252913.00000235E11E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/legal/terms/mozilla/
Source: firefox.exe, 0000000D.00000003.1763391492.00000235E5C2F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/anything/?
Source: places.sqlite-wal.13.drString found in binary or memory: https://www.mozilla.org/contribute/gro.allizom.www.w0HgyL2ZPBj2
Source: firefox.exe, 0000000D.00000003.1627217897.00000235E4D77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1715957210.00000235E4D89000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/about/legal/terms/subscription-services/
Source: firefox.exe, 0000000D.00000003.1686310267.00000235E5CFE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1997081063.00000235E6376000.00000004.00000800.00020000.00000000.sdmp, targeting.snapshot.json.tmp.13.drString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/
Source: firefox.exe, 0000000D.00000003.1640008762.00000A87E3F03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/Z
Source: firefox.exe, 0000000D.00000003.1621527108.00000235E63BB000.00000004.00000800.00020000.00000000.sdmp, places.sqlite-wal.13.drString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/gro.allizom.www.d
Source: firefox.exe, 0000000D.00000003.1627217897.00000235E4D77000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1715957210.00000235E4D89000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/privacy/subscription-services/
Source: places.sqlite-wal.13.drString found in binary or memory: https://www.mozilla.org/firefox/?utm_medium=firefox-desktop&utm_source=bookmarks-toolbar&utm_campaig
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/android/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_c
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/ios/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_campa
Source: firefox.exe, 0000000D.00000003.1763391492.00000235E5C55000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/mobile/get-app/?utm_medium=firefox-desktop&utm_source=onboarding-mod
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/legal/privacy/firefox.html
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/legal/privacy/firefox.html#crash-reporter
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/legal/privacy/firefox.html#health-report
Source: firefox.exe, 0000000E.00000002.2426790737.000002BC173C8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2431335485.0000014A6BFC6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.2427825243.000001D64A5F4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/
Source: firefox.exe, 0000000D.00000003.1734528325.00000235DC397000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/#suggest-relevant-contentP
Source: firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_c
Source: firefox.exe, 0000000D.00000003.1734528325.00000235DC397000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/V
Source: firefox.exe, 0000000D.00000003.1621527108.00000235E63BB000.00000004.00000800.00020000.00000000.sdmp, places.sqlite-wal.13.drString found in binary or memory: https://www.mozilla.org/privacy/firefox/gro.allizom.www.
Source: firefox.exe, 0000000D.00000003.1740009226.00000235D77FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com
Source: firefox.exe, 0000000D.00000003.1474256065.00000235DC532000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.olx.pl/
Source: firefox.exe, 0000000D.00000003.1474256065.00000235DC532000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.reddit.com/
Source: firefox.exe, 0000000D.00000003.1727733318.00000235DD986000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.sling.com/
Source: firefox.exe, 0000000D.00000003.1986455951.00000235CFEB9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1789218347.00000235D643C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2426790737.000002BC173E4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2431335485.0000014A6BFE9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.2440991208.000001D64A703000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.13.drString found in binary or memory: https://www.t-mobile.com/cell-phones/brand/apple?cmpid=MGPO_PAM_P_EVGRNIPHN_
Source: firefox.exe, 0000000D.00000003.1765347483.00000235E5BD1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1643080369.00002D8BE8704000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1646867908.00000235E5BC3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1686770749.00000235E5BD1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.tiktok.com/
Source: firefox.exe, 0000000D.00000003.1474256065.00000235DC532000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.wykop.pl/
Source: firefox.exe, 0000000D.00000003.1785521245.00000235D6558000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1474256065.00000235DC532000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1737424352.00000235DC1AC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2431335485.0000014A6BF0A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.2427825243.000001D64A50C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/
Source: firefox.exe, 0000000D.00000003.1785521245.00000235D6558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.zhihu.com/
Source: firefox.exe, 0000000D.00000003.1619363429.00000235E657B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://xhr.spec.whatwg.org/#sync-warningWindow_Cc_ontrollersWarningwindow.controllers/Controllers
Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49719 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.16:49721 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.16:49724 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49731 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.16:49732 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.16:49734 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49737 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49736 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.16:49742 version: TLS 1.2
Source: unknownHTTPS traffic detected: 18.173.166.117:443 -> 192.168.2.16:49744 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49743 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49746 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49747 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.16:49745 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.16:49751 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49757 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49754 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49755 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49752 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49753 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49756 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49758 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.16:49759 version: TLS 1.2
Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 15_2_0000014A6BE84BB7 NtQuerySystemInformation,15_2_0000014A6BE84BB7
Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 15_2_0000014A6BEB64B2 NtQuerySystemInformation,15_2_0000014A6BEB64B2
Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 15_2_0000014A6BE84BB715_2_0000014A6BE84BB7
Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 15_2_0000014A6BEB64B215_2_0000014A6BEB64B2
Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 15_2_0000014A6BEB64F215_2_0000014A6BEB64F2
Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 15_2_0000014A6BEB6BDC15_2_0000014A6BEB6BDC
Source: classification engineClassification label: clean5.winZIP@36/52@53/9
Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Local\Mozilla\Firefox\SkeletonUILock-c388d246Jump to behavior
Source: C:\Windows\System32\OpenWith.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1844:120:WilError_03
Source: C:\Windows\System32\OpenWith.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:852:120:WilError_03
Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Local\Temp\firefoxJump to behavior
Source: C:\Windows\System32\OpenWith.exeFile read: C:\Users\desktop.iniJump to behavior
Source: C:\Windows\System32\rundll32.exeKey opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
Source: unknownProcess created: C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
Source: firefox.exe, 0000000D.00000003.1748207004.00000235E636D000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT * FROM events WHERE timestamp BETWEEN date(:dateFrom) AND date(:dateTo);
Source: firefox.exe, 0000000D.00000003.1748207004.00000235E636D000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: CREATE TABLE events (id INTEGER PRIMARY KEY, type INTEGER NOT NULL, count INTEGER NOT NULL, timestamp DATE );
Source: firefox.exe, 0000000D.00000003.1748207004.00000235E636D000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: INSERT INTO events (type, count, timestamp) VALUES (:type, 1, date(:date));
Source: firefox.exe, 0000000D.00000003.1748207004.00000235E636D000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT timestamp FROM events ORDER BY timestamp ASC LIMIT 1;;
Source: firefox.exe, 0000000D.00000003.1748207004.00000235E636D000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT timestamp FROM events ORDER BY timestamp ASC LIMIT 1;;Fy6
Source: firefox.exe, 0000000D.00000003.1748207004.00000235E636D000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: UPDATE events SET count = count + 1 WHERE id = :id;-
Source: firefox.exe, 0000000D.00000003.1748207004.00000235E636D000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT sum(count) FROM events;9'
Source: firefox.exe, 0000000D.00000003.1748207004.00000235E636D000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT sum(count) FROM events;9
Source: firefox.exe, 0000000D.00000003.1748207004.00000235E636D000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT * FROM events WHERE type = :type AND timestamp = date(:date);
Source: unknownProcess created: C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
Source: unknownProcess created: C:\Windows\System32\OpenWith.exe C:\Windows\system32\OpenWith.exe -Embedding
Source: C:\Windows\System32\OpenWith.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_a8068703372ae00821df45d3d1e83528d5b75530.zip\a8068703372ae00821df45d3d1e83528d5b75530"
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_a8068703372ae00821df45d3d1e83528d5b75530.zip\a8068703372ae00821df45d3d1e83528d5b75530
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2304 -parentBuildID 20230927232528 -prefsHandle 2248 -prefMapHandle 2232 -prefsLen 25250 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {84178f49-fa31-4e5c-8e41-cdee470f9e82} 6392 "\\.\pipe\gecko-crash-server-pipe.6392" 235c4671b10 socket
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4020 -parentBuildID 20230927232528 -prefsHandle 4012 -prefMapHandle 4004 -prefsLen 26265 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {97f5d0a2-275d-4e4d-81e3-139df34d68d6} 6392 "\\.\pipe\gecko-crash-server-pipe.6392" 235d65df510 rdd
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5548 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 5620 -prefMapHandle 5616 -prefsLen 33076 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b6afafae-c0dc-4023-a0ff-235b54a45615} 6392 "\\.\pipe\gecko-crash-server-pipe.6392" 235e4d2fd10 utility
Source: unknownProcess created: C:\Windows\System32\OpenWith.exe C:\Windows\system32\OpenWith.exe -Embedding
Source: C:\Windows\System32\OpenWith.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Downloads\a8068703372ae00821df45d3d1e83528d5b75530"
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=1756 --field-trial-handle=1584,i,12228695359465084029,946614608337436379,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
Source: C:\Windows\System32\OpenWith.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_a8068703372ae00821df45d3d1e83528d5b75530.zip\a8068703372ae00821df45d3d1e83528d5b75530"Jump to behavior
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_a8068703372ae00821df45d3d1e83528d5b75530.zip\a8068703372ae00821df45d3d1e83528d5b75530Jump to behavior
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2304 -parentBuildID 20230927232528 -prefsHandle 2248 -prefMapHandle 2232 -prefsLen 25250 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {84178f49-fa31-4e5c-8e41-cdee470f9e82} 6392 "\\.\pipe\gecko-crash-server-pipe.6392" 235c4671b10 socketJump to behavior
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4020 -parentBuildID 20230927232528 -prefsHandle 4012 -prefMapHandle 4004 -prefsLen 26265 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {97f5d0a2-275d-4e4d-81e3-139df34d68d6} 6392 "\\.\pipe\gecko-crash-server-pipe.6392" 235d65df510 rddJump to behavior
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5548 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 5620 -prefMapHandle 5616 -prefsLen 33076 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b6afafae-c0dc-4023-a0ff-235b54a45615} 6392 "\\.\pipe\gecko-crash-server-pipe.6392" 235e4d2fd10 utilityJump to behavior
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknownJump to behavior
Source: C:\Windows\System32\OpenWith.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Downloads\a8068703372ae00821df45d3d1e83528d5b75530"Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=1756 --field-trial-handle=1584,i,12228695359465084029,946614608337436379,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess created: unknown unknown
Source: C:\Windows\System32\OpenWith.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: wldp.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: twinui.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: powrprof.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: dwmapi.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: pdh.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: umpdc.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: onecorecommonproxystub.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: actxprxy.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: propsys.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: profapi.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.staterepositoryps.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.ui.appdefaults.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.ui.immersive.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: uiautomationcore.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: dui70.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: duser.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: dwrite.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: bcp47mrm.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: uianimation.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: d3d11.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: dxgi.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: d3d10warp.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: resourcepolicyclient.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: dxcore.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: dcomp.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: oleacc.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: edputil.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.ui.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: windowmanagementapi.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: textinputframework.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: inputhost.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: twinapi.appcore.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: twinapi.appcore.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: coreuicomponents.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: coreuicomponents.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: windowscodecs.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: thumbcache.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: policymanager.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: msvcp110_win.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: sxs.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: directmanipulation.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: textshaping.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: ninput.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: netutils.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: appresolver.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: bcp47langs.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: slc.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: userenv.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: sppc.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: pcacli.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: mpr.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: sfc_os.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: wldp.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: twinui.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: powrprof.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: dwmapi.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: pdh.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: umpdc.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: onecorecommonproxystub.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: actxprxy.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: propsys.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.staterepositoryps.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.ui.appdefaults.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.ui.immersive.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: profapi.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: uiautomationcore.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: dui70.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: duser.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: dwrite.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: bcp47mrm.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: uianimation.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: d3d11.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: dxgi.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: d3d10warp.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: resourcepolicyclient.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: dxcore.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: dcomp.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: oleacc.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: edputil.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: windows.ui.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: windowmanagementapi.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: textinputframework.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: inputhost.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: coreuicomponents.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: coreuicomponents.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: twinapi.appcore.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: twinapi.appcore.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: windowscodecs.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: thumbcache.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: sxs.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: directmanipulation.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: textshaping.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: netutils.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: appresolver.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: bcp47langs.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: slc.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: userenv.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: sppc.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: pcacli.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: mpr.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: sfc_os.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeSection loaded: atlthunk.dllJump to behavior
Source: C:\Windows\System32\OpenWith.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\InProcServer32Jump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: MDE_File_Sample_a8068703372ae00821df45d3d1e83528d5b75530.zipStatic file information: File size 1345668 > 1048576
Source: Binary string: webauthn.pdb source: firefox.exe, 0000000D.00000003.1576891553.00000235E715D000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdbV source: firefox.exe, 0000000D.00000003.1999381086.00000235DE285000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.13.dr
Source: Binary string: wsock32.pdbUGP source: firefox.exe, 0000000D.00000003.1556420055.00000235D44EF000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1551530483.00000235D44E6000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: z:\task_1551543573\build\openh264\gmpopenh264.pdb source: firefox.exe, 0000000D.00000003.1999381086.00000235DE285000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.13.dr
Source: Binary string: webauthn.pdbGCTL source: firefox.exe, 0000000D.00000003.1576891553.00000235E715D000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: wsock32.pdb source: firefox.exe, 0000000D.00000003.1556420055.00000235D44EF000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1551530483.00000235D44E6000.00000004.00000020.00020000.00000000.sdmp
Source: gmpopenh264.dll.tmp.13.drStatic PE information: section name: .rodata
Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)Jump to dropped file
Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\Downloads\a8068703372ae00821df45d3d1e83528d5b75530 (copy)Jump to dropped file
Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\Downloads\fUYnz81b.partJump to dropped file
Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmpJump to dropped file
Source: C:\Program Files\Mozilla Firefox\firefox.exeFile created: C:\Users\user\Downloads\fUYnz81b.partJump to dropped file
Source: C:\Windows\System32\rundll32.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\OpenWith.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\OpenWith.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\OpenWith.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\OpenWith.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\OpenWith.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\OpenWith.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\OpenWith.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\OpenWith.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\OpenWith.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\OpenWith.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Windows\System32\OpenWith.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 15_2_0000014A6BE84BB7 rdtsc 15_2_0000014A6BE84BB7
Source: C:\Windows\System32\OpenWith.exe TID: 3700Thread sleep count: 297 > 30Jump to behavior
Source: firefox.exe, 00000010.00000002.2410053291.000001D64A1DA000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW0k`J
Source: firefox.exe, 0000000E.00000002.2415963892.000002BC1706A000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2443683935.0000014A6C620000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
Source: firefox.exe, 0000000E.00000002.2440135240.000002BC17414000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW : 2 : 34 : 1 : 1 : 0x20026 : 0x8 : %SystemRoot%\system32\mswsock.dll : : 1234191b-4bf7-4ca7-86e0-dfd7c32b5445
Source: firefox.exe, 0000000E.00000002.2442809724.000002BC17500000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWJ5
Source: firefox.exe, 0000000F.00000002.2410135042.0000014A6BB9A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW0hblJ
Source: firefox.exe, 00000010.00000002.2439723504.000001D64A600000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWX%
Source: firefox.exe, 0000000F.00000002.2443683935.0000014A6C620000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll}
Source: firefox.exe, 0000000E.00000002.2442809724.000002BC17500000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2443683935.0000014A6C620000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
Source: C:\Program Files\Mozilla Firefox\firefox.exeCode function: 15_2_0000014A6BE84BB7 rdtsc 15_2_0000014A6BE84BB7
Source: C:\Windows\System32\OpenWith.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_a8068703372ae00821df45d3d1e83528d5b75530.zip\a8068703372ae00821df45d3d1e83528d5b75530"Jump to behavior
Source: C:\Windows\System32\OpenWith.exeProcess created: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Downloads\a8068703372ae00821df45d3d1e83528d5b75530"Jump to behavior
Source: firefox.exe, 0000000D.00000003.1536135936.00000235E7007000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: hSoftware\Policies\Microsoft\Windows\PersonalizationNoChangingStartMenuBackgroundPersonalColors_BackgroundWilStaging_02RtlDisownModuleHeapAllocationRtlQueryFeatureConfigurationRtlRegisterFeatureConfigurationChangeNotificationRtlSubscribeWnfStateChangeNotificationRtlDllShutdownInProgressntdll.dllNtQueryWnfStateDataLocal\SM0:%d:%d:%hs_p0Local\SessionImmersiveColorPreferenceBEGINTHMthmfile\Sessions\%d\Windows\ThemeSectionMessageWindowendthemewndThemeApiConnectionRequest\ThemeApiPortwinsta0SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\PersonalizeAppsUseLightThemeSystemUsesLightThemedefaultshell\themes\uxtheme\render.cppCompositedWindow::WindowdeletedrcacheMDIClientSoftware\Microsoft\Windows\DWMColorPrevalenceSoftware\Microsoft\Windows\CurrentVersion\ImmersiveShellTabletModeMENUAccentColorSoftware\Microsoft\Windows\CurrentVersion\Explorer\AccentDefaultStartColorControl Panel\DesktopAutoColorizationAccentColorMenuStartColorMenuAutoColorSoftware\Microsoft\Windows\CurrentVersion\Themes\History\ColorsSoftware\Microsoft\Windows\CurrentVersion\Themes\HistoryAccentPaletteTab$Shell_TrayWndLocal\SessionImmersiveColorMutex
Source: C:\Windows\System32\OpenWith.exeQueries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformationJump to behavior
Source: C:\Windows\System32\OpenWith.exeQueries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformationJump to behavior
Source: C:\Windows\System32\OpenWith.exeQueries volume information: C:\Windows\Fonts\seguisym.ttf VolumeInformationJump to behavior
Source: C:\Windows\System32\OpenWith.exeQueries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformationJump to behavior
Source: C:\Windows\System32\OpenWith.exeQueries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformationJump to behavior
Source: C:\Windows\System32\OpenWith.exeQueries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformationJump to behavior
Source: C:\Windows\System32\OpenWith.exeQueries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformationJump to behavior
Source: C:\Windows\System32\OpenWith.exeQueries volume information: C:\Windows\Fonts\seguisym.ttf VolumeInformationJump to behavior
Source: C:\Windows\System32\OpenWith.exeQueries volume information: C:\Windows\Fonts\seguisym.ttf VolumeInformationJump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
DLL Side-Loading		12
Process Injection		11
Masquerading		OS Credential Dumping11
Security Software Discovery		Remote Services1
Archive Collected Data		12
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
DLL Side-Loading		1
Virtualization/Sandbox Evasion		LSASS Memory1
Virtualization/Sandbox Evasion		Remote Desktop ProtocolData from Removable Media1
Ingress Tool Transfer		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)1
Extra Window Memory Injection		12
Process Injection		Security Account Manager1
Process Discovery		SMB/Windows Admin SharesData from Network Shared Drive2
Non-Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
Rundll32		NTDS1
File and Directory Discovery		Distributed Component Object ModelInput Capture3
Application Layer Protocol		Traffic DuplicationData Destruction
Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
DLL Side-Loading		LSA Secrets11
System Information Discovery		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
Extra Window Memory Injection		Cached Domain CredentialsWi-Fi DiscoveryVNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1431982 Sample: MDE_File_Sample_a8068703372... Startdate: 26/04/2024 Architecture: WINDOWS Score: 5 40 youtube-ui.l.google.com 2->40 42 www.youtube.com 2->42 44 29 other IPs or domains 2->44 8 OpenWith.exe 18 6 2->8         started        10 OpenWith.exe 5 2->10         started        12 rundll32.exe 2->12         started        process3 process4 14 firefox.exe 1 8->14         started        16 Acrobat.exe 48 10->16         started        process5 18 firefox.exe 10 215 14->18         started        22 AcroCEF.exe 91 16->22         started        dnsIp6 46 services.addons.mozilla.org 18.173.166.117, 443, 49744 MIT-GATEWAYSUS United States 18->46 48 prod.detectportal.prod.cloudops.mozgcp.net 34.107.221.82, 49714, 49718, 49722 GOOGLEUS United States 18->48 50 7 other IPs or domains 18->50 32 C:\Users\user\Downloads\fUYnz81b.part, PE32 18->32 dropped 34 a8068703372ae00821...3528d5b75530 (copy), PE32 18->34 dropped 36 C:\Users\user\AppData\...\gmpopenh264.dll.tmp, PE32+ 18->36 dropped 38 C:\Users\user\...\gmpopenh264.dll (copy), PE32+ 18->38 dropped 24 firefox.exe 1 18->24         started        26 firefox.exe 1 18->26         started        28 firefox.exe 1 18->28         started        30 AcroCEF.exe 22->30         started        file7 process8

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

No Antivirus matches

Dropped Files

SourceDetectionScannerLabelLink
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)0%ReversingLabs
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)0%VirustotalBrowse
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmp0%ReversingLabs
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmp0%VirustotalBrowse
C:\Users\user\Downloads\a8068703372ae00821df45d3d1e83528d5b75530 (copy)3%ReversingLabs
C:\Users\user\Downloads\a8068703372ae00821df45d3d1e83528d5b75530 (copy)0%VirustotalBrowse
C:\Users\user\Downloads\fUYnz81b.part3%ReversingLabs
C:\Users\user\Downloads\fUYnz81b.part0%VirustotalBrowse

Unpacked PE Files

No Antivirus matches

Domains

SourceDetectionScannerLabelLink
prod.balrog.prod.cloudops.mozgcp.net0%VirustotalBrowse
prod.detectportal.prod.cloudops.mozgcp.net0%VirustotalBrowse
reddit.map.fastly.net0%VirustotalBrowse
ipv4only.arpa2%VirustotalBrowse
prod.content-signature-chains.prod.webservices.mozgcp.net0%VirustotalBrowse
prod.ads.prod.webservices.mozgcp.net0%VirustotalBrowse
prod.remote-settings.prod.webservices.mozgcp.net0%VirustotalBrowse

URLs

SourceDetectionScannerLabelLink
http://www.mozilla.com00%URL Reputationsafe
http://www.mozilla.com00%URL Reputationsafe
https://ads.stickyadstv.com/firefox-etp0%URL Reputationsafe
https://tracking-protection-issues.herokuapp.com/new0%URL Reputationsafe
https://searchfox.org/mozilla-central/source/toolkit/components/search/SearchUtils.jsm#145-1520%URL Reputationsafe
https://bugzilla.mo0%URL Reputationsafe
https://account.bellmedia.c0%URL Reputationsafe
http://x1.c.lencr.org/00%URL Reputationsafe
http://x1.i.lencr.org/00%URL Reputationsafe
https://mozilla.cloudflare-dns.com/dns-query0%URL Reputationsafe
http://mozilla.o0%Avira URL Cloudsafe
http://ocsp.rootca1.amazontrust.com0:0%Avira URL Cloudsafe
http://127.0.0.1:0%Avira URL Cloudsafe
http://detectportal.firefox.com00%Avira URL Cloudsafe
https://www.bbc.co.uk/0%Avira URL Cloudsafe
https://www.bbc.co.uk/0%VirustotalBrowse
http://mozilla.o0%VirustotalBrowse

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
example.org
93.184.215.14
truefalse
    		high
    star-mini.c10r.facebook.com
    		157.240.14.35
    		truefalse
      		high
      prod.balrog.prod.cloudops.mozgcp.net
      		35.244.181.201
      		truefalseunknown
      twitter.com
      		104.244.42.193
      		truefalse
        		high
        prod.detectportal.prod.cloudops.mozgcp.net
        		34.107.221.82
        		truefalseunknown
        services.addons.mozilla.org
        		18.173.166.117
        		truefalse
          		high
          dyna.wikimedia.org
          		208.80.154.224
          		truefalse
            		high
            prod.remote-settings.prod.webservices.mozgcp.net
            		34.149.100.209
            		truefalseunknown
            contile.services.mozilla.com
            		34.117.188.166
            		truefalse
              		high
              prod.content-signature-chains.prod.webservices.mozgcp.net
              		34.160.144.191
              		truefalseunknown
              youtube-ui.l.google.com
              		142.250.64.174
              		truefalse
                		high
                reddit.map.fastly.net
                		151.101.1.140
                		truefalseunknown
                ipv4only.arpa
                		192.0.0.170
                		truefalseunknown
                prod.ads.prod.webservices.mozgcp.net
                		34.117.188.166
                		truefalseunknown
                normandy-cdn.services.mozilla.com
                		35.201.103.21
                		truefalse
                  		high
                  telemetry-incoming.r53-2.services.mozilla.com
                  		34.120.208.123
                  		truefalse
                    		high
                    www.reddit.com
                    		unknown
                    		unknownfalse
                      		high
                      spocs.getpocket.com
                      		unknown
                      		unknownfalse
                        		high
                        content-signature-2.cdn.mozilla.net
                        		unknown
                        		unknownfalse
                          		high
                          firefox.settings.services.mozilla.com
                          		unknown
                          		unknownfalse
                            		high
                            push.services.mozilla.com
                            		unknown
                            		unknownfalse
                              		high
                              www.youtube.com
                              		unknown
                              		unknownfalse
                                		high
                                www.facebook.com
                                		unknown
                                		unknownfalse
                                  		high
                                  detectportal.firefox.com
                                  		unknown
                                  		unknownfalse
                                    		high
                                    normandy.cdn.mozilla.net
                                    		unknown
                                    		unknownfalse
                                      		high
                                      shavar.services.mozilla.com
                                      		unknown
                                      		unknownfalse
                                        		high
                                        www.wikipedia.org
                                        		unknown
                                        		unknownfalse
                                          		high

                                          URLs from Memory and Binaries

                                          NameSourceMaliciousAntivirus DetectionReputation
                                          https://play.google.com/store/apps/details?id=org.mozilla.firefox.vpn&referrer=utm_source%3Dfirefox-firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpfalse
                                            		high
                                            https://getpocket.cdn.mozilla.net/v3/firefox/trending-topics?version=2&consumer_key=$apiKey&locale_lfirefox.exe, 00000010.00000002.2427825243.000001D64A5C4000.00000004.00000800.00020000.00000000.sdmpfalse
                                              		high
                                              http://detectportal.firefox.com/firefox.exe, 0000000D.00000003.1716970660.00000235E1032000.00000004.00000800.00020000.00000000.sdmpfalse
                                                		high
                                                http://detectportal.firefox.com0firefox.exe, 0000000D.00000003.1956952716.00000235D60D0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1800380603.00000235D60CF000.00000004.00000800.00020000.00000000.sdmpfalse
                                                • Avira URL Cloud: safe
                                                		unknown
                                                https://services.addons.mozilla.orgfirefox.exe, 0000000D.00000003.1964020115.00000235D556A000.00000004.00000800.00020000.00000000.sdmpfalse
                                                  		high
                                                  https://services.addons.mozilla.org/api/v5/addons/browser-mappings/?browser=%BROWSER%firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpfalse
                                                    		high
                                                    https://datastudio.google.com/embed/reporting/firefox.exe, 0000000D.00000003.1649449106.00000235E5B79000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1894256239.00000235E5B82000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1766530172.00000235E5B82000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1687463759.00000235E5B82000.00000004.00000800.00020000.00000000.sdmpfalse
                                                      		high
                                                      http://www.mozilla.com0firefox.exe, 0000000D.00000003.2001774617.00000235E0D3C000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.13.drfalse
                                                      • URL Reputation: safe
                                                      • URL Reputation: safe
                                                      		unknown
                                                      https://merino.services.mozilla.com/api/v1/suggestfirefox.exe, 00000010.00000002.2427825243.000001D64A58F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                        		high
                                                        https://json-schema.org/draft/2019-09/schema.firefox.exe, 0000000D.00000003.1766692907.00000235E12AB000.00000004.00000800.00020000.00000000.sdmpfalse
                                                          		high
                                                          http://www.fontbureau.com/designersfirefox.exe, 0000000D.00000003.2032144843.00000235CB395000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.2036353004.00000235CB396000.00000004.00000020.00020000.00000000.sdmpfalse
                                                            		high
                                                            https://monitor.firefox.com/oauth/init?entrypoint=protection_report_monitor&utm_source=about-protectfirefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpfalse
                                                              		high
                                                              https://www.leboncoin.fr/firefox.exe, 0000000D.00000003.1474256065.00000235DC532000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                		high
                                                                http://mozilla.ofirefox.exe, 0000000D.00000003.1860919846.00000DE7ED103000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                • 0%, Virustotal, Browse
                                                                • Avira URL Cloud: safe
                                                                		unknown
                                                                https://spocs.getpocket.com/spocsfirefox.exe, 0000000D.00000003.1472083793.00000235DE182000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                  		high
                                                                  https://screenshots.firefox.comfirefox.exe, 0000000D.00000003.1417274301.00000235D235D000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                    		high
                                                                    https://mathiasbynens.be/notes/javascript-escapes#singlefirefox.exe, 0000000D.00000003.1595242635.00000235E689E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                      		high
                                                                      https://shavar.services.mozilla.comfirefox.exe, 0000000D.00000003.1691791503.00000235E0D7E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1719223712.00000235E0D89000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                        		high
                                                                        https://completion.amazon.com/search/complete?q=firefox.exe, 0000000D.00000003.1419463127.00000235D2416000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1419114127.00000235D1F00000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                          		high
                                                                          https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/social-media-tracking-reportfirefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                            		high
                                                                            https://ads.stickyadstv.com/firefox-etpfirefox.exe, 0000000D.00000003.1964225729.00000235D52E8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1727733318.00000235DD986000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                            • URL Reputation: safe
                                                                            		unknown
                                                                            https://identity.mozilla.com/ids/ecosystem_telemetryUfirefox.exe, 0000000D.00000003.1748853267.00000235E6323000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                              		high
                                                                              https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/send-tabfirefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                		high
                                                                                https://monitor.firefox.com/breach-details/firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                  		high
                                                                                  https://github.com/w3c/csswg-drafts/issues/4650firefox.exe, 0000000D.00000003.1472978374.00000235DDED8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                    		high
                                                                                    https://versioncheck-bg.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEMfirefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                      		high
                                                                                      http://mozilla.org/%firefox.exe, 0000000D.00000003.1860919846.00000DE7ED103000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1852101331.000015F6B2603000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                        		high
                                                                                        https://www.amazon.com/exec/obidos/external-search/firefox.exe, 0000000D.00000003.1819084298.00000235E3D98000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1518132796.00000235E4AFE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1703439755.00000235E3D98000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1419463127.00000235D2416000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1419114127.00000235D1F00000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                          		high
                                                                                          https://profiler.firefox.com/firefox.exe, 0000000D.00000003.1981437914.00000235D2383000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                            		high
                                                                                            https://www.msn.comfirefox.exe, 0000000D.00000003.1740009226.00000235D77FB000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                              		high
                                                                                              https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_39e4b8f6fd6635158ad433436bdaa069841cfdf8e1989e03firefox.exe, 0000000D.00000003.1986455951.00000235CFEB9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1789218347.00000235D643C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2426790737.000002BC173E4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2431335485.0000014A6BFE9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.2440991208.000001D64A703000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.13.drfalse
                                                                                                		high
                                                                                                https://github.com/mozilla-services/screenshotsfirefox.exe, 0000000D.00000003.1419463127.00000235D2416000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1419114127.00000235D1F00000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                  		high
                                                                                                  https://services.addons.mozilla.org/api/v4/addons/addon/firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                    		high
                                                                                                    https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/switching-devices?utm_source=panel-deffirefox.exe, 0000000D.00000003.1887131482.00000235D1F35000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                      		high
                                                                                                      https://tracking-protection-issues.herokuapp.com/newfirefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                      • URL Reputation: safe
                                                                                                      		unknown
                                                                                                      https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/password-manager-reportfirefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                        		high
                                                                                                        https://content-signature-2.cdn.mozilla.net/firefox.exe, 0000000D.00000003.1731972168.00000235DC57E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                          		high
                                                                                                          https://json-schema.org/draft/2020-12/schema/=firefox.exe, 0000000D.00000003.1766692907.00000235E12AB000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                            		high
                                                                                                            https://app.adjust.com/167k4ih?campaign=firefox-desktop&adgroup=pb&creative=focus-omc172&redirect=htfirefox.exe, 0000000D.00000003.1763391492.00000235E5C55000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                              		high
                                                                                                              https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/fingerprinters-reportfirefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                                		high
                                                                                                                https://api.accounts.firefox.com/v1firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                                  		high
                                                                                                                  https://ok.ru/firefox.exe, 0000000D.00000003.1785521245.00000235D6558000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                    		high
                                                                                                                    https://www.amazon.com/firefox.exe, 0000000D.00000003.1690771572.00000235E10EA000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                      		high
                                                                                                                      https://addons.mozilla.org/%LOCALE%/%APP%/blocked-addon/%addonID%/%addonVersion%/firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                                        		high
                                                                                                                        https://fpn.firefox.comfirefox.exe, 0000000D.00000003.1981437914.00000235D2351000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                          		high
                                                                                                                          https://developer.mozilla.org/docs/Mozilla/Add-ons/WebExtensions/API/tabs/captureTabMozRequestFullScfirefox.exe, 0000000D.00000003.1619363429.00000235E657B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                            		high
                                                                                                                            https://monitor.firefox.com/?entrypoint=protection_report_monitor&utm_source=about-protectionsfirefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                                              		high
                                                                                                                              http://mozilla.org/0Sfirefox.exe, 0000000D.00000003.1651111009.000021F660E03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1646870911.000024F1B6803000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                		high
                                                                                                                                http://ocsp.rootca1.amazontrust.com0:firefox.exe, 0000000D.00000003.1965211941.00000235D52D0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                • Avira URL Cloud: safe
                                                                                                                                		unknown
                                                                                                                                https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&ci=1696581201119.12791&key=1696581201400600firefox.exe, 0000000D.00000003.1986455951.00000235CFEB9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1789218347.00000235D643C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000E.00000002.2426790737.000002BC173E4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2431335485.0000014A6BFE9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.2440991208.000001D64A703000.00000004.00000800.00020000.00000000.sdmp, prefs-1.js.13.drfalse
                                                                                                                                  		high
                                                                                                                                  https://www.youtube.com/firefox.exe, 0000000D.00000003.1785521245.00000235D6558000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1474256065.00000235DC532000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1737424352.00000235DC1AC000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2431335485.0000014A6BF0A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.2427825243.000001D64A50C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                    		high
                                                                                                                                    https://bugzilla.mozilla.org/show_bug.cgi?id=1283601firefox.exe, 0000000D.00000003.1525555428.00000235E4C78000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                      		high
                                                                                                                                      https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/shieldfirefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                                                        		high
                                                                                                                                        https://www.bbc.co.uk/firefox.exe, 0000000D.00000003.1474256065.00000235DC532000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                        • 0%, Virustotal, Browse
                                                                                                                                        • Avira URL Cloud: safe
                                                                                                                                        		unknown
                                                                                                                                        https://addons.mozilla.org/firefox/addon/to-google-translate/firefox.exe, 0000000D.00000003.1763391492.00000235E5C55000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                          		high
                                                                                                                                          https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=$apiKey&locale_lang=firefox.exe, 00000010.00000002.2427825243.000001D64A5C4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                            		high
                                                                                                                                            http://127.0.0.1:firefox.exe, 0000000D.00000003.1932171214.00000235D783D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1775029103.00000235D783D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1925858398.00000235DC5E3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1810649041.00000235D783F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1730202178.00000235DC5D9000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1775029103.00000235D7847000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1810649041.00000235D7842000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                                                            • Avira URL Cloud: safe
                                                                                                                                            		unknown
                                                                                                                                            https://bugzilla.mozilla.org/show_bug.cgi?id=1266220firefox.exe, 0000000D.00000003.1525555428.00000235E4C68000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                              		high
                                                                                                                                              https://searchfox.org/mozilla-central/source/toolkit/components/search/SearchUtils.jsm#145-152firefox.exe, 0000000D.00000003.1516198035.00000235E47DE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                              • URL Reputation: safe
                                                                                                                                              		unknown
                                                                                                                                              https://bugzilla.mofirefox.exe, 0000000D.00000003.1762172110.00000235E5C6F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                              • URL Reputation: safe
                                                                                                                                              		unknown
                                                                                                                                              https://mitmdetection.services.mozilla.com/firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                                                                		high
                                                                                                                                                https://static.adsafeprotected.com/firefox-etp-jsfirefox.exe, 0000000D.00000003.1727733318.00000235DD986000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                  		high
                                                                                                                                                  https://shavar.services.mozilla.com/firefox.exe, 0000000D.00000003.1746990440.00000235D6B40000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                    		high
                                                                                                                                                    https://developer.mozilla.org/docs/Web/API/Element/releasePointerCapturefirefox.exe, 0000000D.00000003.1619363429.00000235E657B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                      		high
                                                                                                                                                      https://spocs.getpocket.com/firefox.exe, 0000000D.00000003.1722788363.00000235DE1DE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1472083793.00000235DE182000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000F.00000002.2431335485.0000014A6BF12000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 00000010.00000002.2427825243.000001D64A513000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                        		high
                                                                                                                                                        https://services.addons.mozilla.org/api/v4/abuse/report/addon/firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                                                                          		high
                                                                                                                                                          https://services.addons.mozilla.org/api/v4/addons/search/?guid=%IDS%&lang=%LOCALE%firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                                                                            		high
                                                                                                                                                            https://color.firefox.com/?utm_source=firefox-browser&utm_medium=firefox-browser&utm_content=theme-ffirefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                                                                              		high
                                                                                                                                                              https://www.iqiyi.com/firefox.exe, 0000000D.00000003.1785521245.00000235D6558000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1474256065.00000235DC532000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                		high
                                                                                                                                                                https://play.google.com/store/apps/details?id=org.mozilla.firefox&referrer=utm_source%3Dprotection_rfirefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                                                                                  		high
                                                                                                                                                                  https://monitor.firefox.com/user/breach-stats?includeResolved=truefirefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                                                                                    		high
                                                                                                                                                                    https://support.mozilla.org/1/firefox/%VERSION%/%OS%/%LOCALE%/cross-site-tracking-reportfirefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                                                                                      		high
                                                                                                                                                                      https://bugzilla.mozilla.org/show_bug.cgi?id=1584464firefox.exe, 0000000D.00000003.1472978374.00000235DDED8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                        		high
                                                                                                                                                                        https://services.addons.mozilla.org/api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-firefox.exe, 0000000D.00000003.1981437914.00000235D234B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1928204329.00000235DC3EE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                          		high
                                                                                                                                                                          http://a9.com/-/spec/opensearch/1.0/firefox.exe, 0000000D.00000003.1766692907.00000235E1268000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                            		high
                                                                                                                                                                            https://safebrowsing.google.com/safebrowsing/diagnostic?site=firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                                                                                              		high
                                                                                                                                                                              http://www.inbox.lv/rfc2368/?value=%sufirefox.exe, 0000000D.00000003.1981437914.00000235D23A1000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                		high
                                                                                                                                                                                https://normandy.cdn.mozilla.netfirefox.exe, 0000000D.00000003.1979871458.00000235D23C5000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                  		high
                                                                                                                                                                                  https://monitor.firefox.com/user/dashboardfirefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                    		high
                                                                                                                                                                                    http://developer.mozilla.org/en/docs/DOM:element.addEventListenerUseOfReleaseEventsWarningUsefirefox.exe, 0000000D.00000003.1619363429.00000235E657B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                      		high
                                                                                                                                                                                      https://versioncheck.addons.mozilla.org/update/VersionCheck.php?reqVersion=%REQ_VERSION%&id=%ITEM_IDfirefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                        		high
                                                                                                                                                                                        https://monitor.firefox.com/aboutfirefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                          		high
                                                                                                                                                                                          http://mozilla.org/MPL/2.0/.firefox.exe, 0000000D.00000003.1943633536.00000235D66A5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1782228924.00000235D66A5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1520757523.00000235E4AF2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1889767951.00000235D2472000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1929418398.00000235DC344000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1699120127.00000235D4583000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1785521245.00000235D652C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1472978374.00000235DDEF4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1595242635.00000235E684B000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1809354335.00000235DE2C6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1777578922.00000235D77B6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1777499154.00000235D77D8000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1679607476.00000235D4D14000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1595242635.00000235E688F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1740646088.00000235D77A0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1777990715.00000235D7781000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1838458529.00000235D6BBE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1477761920.00000235DC4DE000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.2004207999.00000235DDEF4000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1740646088.00000235D7780000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1537806704.00000235E4783000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                            		high
                                                                                                                                                                                            https://account.bellmedia.cfirefox.exe, 0000000D.00000003.1740009226.00000235D77FB000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                            • URL Reputation: safe
                                                                                                                                                                                            		unknown
                                                                                                                                                                                            https://login.microsoftonline.comfirefox.exe, 0000000D.00000003.1740646088.00000235D774D000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1707062090.00000235DE111000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                              		high
                                                                                                                                                                                              https://coverage.mozilla.orgfirefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                		high
                                                                                                                                                                                                http://crl.thawte.com/ThawteTimestampingCA.crl0firefox.exe, 0000000D.00000003.2001774617.00000235E0D3C000.00000004.00000800.00020000.00000000.sdmp, gmpopenh264.dll.tmp.13.drfalse
                                                                                                                                                                                                  		high
                                                                                                                                                                                                  https://www.zhihu.com/firefox.exe, 0000000D.00000003.1785521245.00000235D6558000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                    		high
                                                                                                                                                                                                    http://x1.c.lencr.org/0firefox.exe, 0000000D.00000003.1965211941.00000235D52D0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1472083793.00000235DE143000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                    • URL Reputation: safe
                                                                                                                                                                                                    		unknown
                                                                                                                                                                                                    http://x1.i.lencr.org/0firefox.exe, 0000000D.00000003.1965211941.00000235D52D0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1472083793.00000235DE143000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                    • URL Reputation: safe
                                                                                                                                                                                                    		unknown
                                                                                                                                                                                                    http://a9.com/-/spec/opensearch/1.1/firefox.exe, 0000000D.00000003.1766692907.00000235E1268000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      		high
                                                                                                                                                                                                      https://blocked.cdn.mozilla.net/firefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                        		high
                                                                                                                                                                                                        https://developer.mozilla.org/en-US/docs/Glossary/speculative_parsingDocumentWriteIgnoredfirefox.exe, 0000000D.00000003.1731063556.00000235DC5B5000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                          		high
                                                                                                                                                                                                          https://json-schema.org/draft/2019-09/schemafirefox.exe, 0000000D.00000003.1716970660.00000235E101B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                            		high
                                                                                                                                                                                                            https://profiler.firefox.comfirefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                              		high
                                                                                                                                                                                                              https://outlook.live.com/default.aspx?rru=compose&to=%sfirefox.exe, 0000000D.00000003.1421120827.00000235D1C33000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1981092853.00000235D23AA000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1421771021.00000235D1C3C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000000D.00000003.1640706276.00000235D1C3B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                		high
                                                                                                                                                                                                                https://identity.mozilla.com/apps/relayfirefox.exe, 0000000D.00000003.1627217897.00000235E4D77000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                  https://mathiasbynens.be/firefox.exe, 0000000D.00000003.1595242635.00000235E689E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                    https://mozilla.cloudflare-dns.com/dns-queryfirefox.exe, 0000000F.00000002.2422028968.0000014A6BE31000.00000002.08000000.00040000.00000000.sdmpfalse
                                                                                                                                                                                                                    • URL Reputation: safe
                                                                                                                                                                                                                    		unknown
                                                                                                                                                                                                                    https://support.mozilla.org/kb/refresh-firefox-reset-add-ons-and-settings2firefox.exe, 0000000D.00000003.1739496891.00000235DC156000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                      		high

                                                                                                                                                                                                                      World Map of Contacted IPs

                                                                                                                                                                                                                      • No. of IPs < 25%
                                                                                                                                                                                                                      • 25% < No. of IPs < 50%
                                                                                                                                                                                                                      • 50% < No. of IPs < 75%
                                                                                                                                                                                                                      • 75% < No. of IPs

                                                                                                                                                                                                                      Public IPs

                                                                                                                                                                                                                      IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                                      18.173.166.117
                                                                                                                                                                                                                      		services.addons.mozilla.orgUnited States
                                                                                                                                                                                                                      		3MIT-GATEWAYSUSfalse
                                                                                                                                                                                                                      34.149.100.209
                                                                                                                                                                                                                      		prod.remote-settings.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                      		2686ATGS-MMD-ASUSfalse
                                                                                                                                                                                                                      34.107.221.82
                                                                                                                                                                                                                      		prod.detectportal.prod.cloudops.mozgcp.netUnited States
                                                                                                                                                                                                                      		15169GOOGLEUSfalse
                                                                                                                                                                                                                      35.244.181.201
                                                                                                                                                                                                                      		prod.balrog.prod.cloudops.mozgcp.netUnited States
                                                                                                                                                                                                                      		15169GOOGLEUSfalse
                                                                                                                                                                                                                      34.117.188.166
                                                                                                                                                                                                                      		contile.services.mozilla.comUnited States
                                                                                                                                                                                                                      		139070GOOGLE-AS-APGoogleAsiaPacificPteLtdSGfalse
                                                                                                                                                                                                                      35.201.103.21
                                                                                                                                                                                                                      		normandy-cdn.services.mozilla.comUnited States
                                                                                                                                                                                                                      		15169GOOGLEUSfalse
                                                                                                                                                                                                                      34.160.144.191
                                                                                                                                                                                                                      		prod.content-signature-chains.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                      		2686ATGS-MMD-ASUSfalse
                                                                                                                                                                                                                      34.120.208.123
                                                                                                                                                                                                                      		telemetry-incoming.r53-2.services.mozilla.comUnited States
                                                                                                                                                                                                                      		15169GOOGLEUSfalse

                                                                                                                                                                                                                      Private

                                                                                                                                                                                                                      IP
                                                                                                                                                                                                                      127.0.0.1

                                                                                                                                                                                                                      General Information

                                                                                                                                                                                                                      Joe Sandbox version:40.0.0 Tourmaline
                                                                                                                                                                                                                      Analysis ID:1431982
                                                                                                                                                                                                                      Start date and time:2024-04-26 07:26:32 +02:00
                                                                                                                                                                                                                      Joe Sandbox product:CloudBasic
                                                                                                                                                                                                                      Overall analysis duration:0h 6m 35s
                                                                                                                                                                                                                      Hypervisor based Inspection enabled:false
                                                                                                                                                                                                                      Report type:full
                                                                                                                                                                                                                      Cookbook file name:defaultwindowsinteractivecookbook.jbs
                                                                                                                                                                                                                      Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                                      Number of analysed new started processes analysed:24
                                                                                                                                                                                                                      Number of new started drivers analysed:0
                                                                                                                                                                                                                      Number of existing processes analysed:0
                                                                                                                                                                                                                      Number of existing drivers analysed:0
                                                                                                                                                                                                                      Number of injected processes analysed:0
                                                                                                                                                                                                                      Technologies:
                                                                                                                                                                                                                      • HCA enabled
                                                                                                                                                                                                                      • EGA enabled
                                                                                                                                                                                                                      • AMSI enabled
                                                                                                                                                                                                                      Analysis Mode:default
                                                                                                                                                                                                                      Analysis stop reason:Timeout
                                                                                                                                                                                                                      Sample name:MDE_File_Sample_a8068703372ae00821df45d3d1e83528d5b75530.zip
                                                                                                                                                                                                                      Detection:CLEAN
                                                                                                                                                                                                                      Classification:clean5.winZIP@36/52@53/9
                                                                                                                                                                                                                      EGA Information:
                                                                                                                                                                                                                      • Successful, ratio: 50%
                                                                                                                                                                                                                      HCA Information:
                                                                                                                                                                                                                      • Successful, ratio: 100%
                                                                                                                                                                                                                      • Number of executed functions: 4
                                                                                                                                                                                                                      • Number of non-executed functions: 1
                                                                                                                                                                                                                      Cookbook Comments:
                                                                                                                                                                                                                      • Found application associated with file extension: .zip

                                                                                                                                                                                                                      Warnings

                                                                                                                                                                                                                      • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, SIHClient.exe, SgrmBroker.exe, MoUsoCoreWorker.exe, conhost.exe, svchost.exe
                                                                                                                                                                                                                      • Excluded IPs from analysis (whitelisted): 52.25.6.244, 52.24.210.222, 44.240.56.209, 44.233.67.78, 35.83.153.5, 44.239.14.124, 34.107.243.93, 142.250.217.202, 192.178.50.42, 142.250.217.238, 23.56.5.67, 23.56.5.83, 142.250.217.174, 23.204.76.141, 23.22.254.206, 54.227.187.23, 52.202.204.11, 52.5.13.197, 23.196.176.131
                                                                                                                                                                                                                      • Excluded domains from analysis (whitelisted): e4578.dscg.akamaiedge.net, fs.microsoft.com, shavar.prod.mozaws.net, ciscobinary.openh264.org, autopush.prod.mozaws.net, slscr.update.microsoft.com, e4578.dscb.akamaiedge.net, incoming.telemetry.mozilla.org, a17.rackcdn.com.mdc.edgesuite.net, detectportal.prod.mozaws.net, aus5.mozilla.org, p13n.adobe.io, fe3cr.delivery.mp.microsoft.com, a19.dscg10.akamai.net, ssl.adobe.com.edgekey.net, locprod2-elb-us-west-2.prod.mozaws.net, redirector.gvt1.com, armmf.adobe.com, ssl-delivery.adobe.com.edgekey.net, safebrowsing.googleapis.com, geo2.adobe.com, location.services.mozilla.com
                                                                                                                                                                                                                      • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                                      • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                                                                      • Report size getting too big, too many NtCreateFile calls found.
                                                                                                                                                                                                                      • Report size getting too big, too many NtOpenFile calls found.
                                                                                                                                                                                                                      • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                                      • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                                                                                                                      • Report size getting too big, too many NtQueryAttributesFile calls found.
                                                                                                                                                                                                                      • Report size getting too big, too many NtQueryValueKey calls found.

                                                                                                                                                                                                                      Simulations

                                                                                                                                                                                                                      Behavior and APIs

                                                                                                                                                                                                                      TimeTypeDescription
                                                                                                                                                                                                                      07:27:10API Interceptor2x Sleep call for process: OpenWith.exe modified
                                                                                                                                                                                                                      07:27:39API Interceptor1x Sleep call for process: firefox.exe modified

                                                                                                                                                                                                                      Joe Sandbox View / Context

                                                                                                                                                                                                                      IPs

                                                                                                                                                                                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                      34.117.188.166https://tibusiness.cl/css/causarol.rarGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                        nagateliteqfUK.exeGet hashmaliciousAZORult++Browse
                                                                                                                                                                                                                          Cheater Pro 1.6.0.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            Cheat Lab 2.7.2.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                              Evernote.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                VLJWG-Y3VJN-21LNUV2-AHEB0VE.htaGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                  https://mega.nz/file/1uN3EaxZ#CUbFeX5nzgfkR0qb6Ucg8nGbIFqE9cmqjhfatbJqPpkGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                    vm.dllGet hashmaliciousCobaltStrikeBrowse
                                                                                                                                                                                                                                      W2_AND_1095_PDF.jarGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        https://Chem.microsoft@cloudflare-ipfs.com/ipfs/bafkreif2klim7glbgcsrfe6lm7wfd2scwmhee5i6dglyggzgvjgl53zw2i/#ZGFuaWVsLmNhcmRhb0BjaGVtLmx1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                          18.173.166.117https://www.trucknews.com/videos/on-the-spot-peterbilt-model-589-canadian-debut/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                            J8SjzF95zi.exeGet hashmaliciousAmadey, RisePro StealerBrowse
                                                                                                                                                                                                                                              ALL-20230526.xlsxGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                https://1drv.ms/b/s!Aj_dAsJOtS3GeKVcEaa61wq6boU?e=TSuYkWGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                  FACFFEA545BA2D1D9E9AB4ED74.dllGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                    https://drive.google.com/uc?export=download&id=1KgHo8oMsciWr0SHmcJ8Af0eMTe3KBKoCGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                      https://6am8rid67tw.typeform.com/to/HZKTv6iHGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                        34.149.100.209http://94.156.79.129/x86_64Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                          http://94.156.79.129/i686Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                            https://tibusiness.cl/css/causarol.rarGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                              nagateliteqfUK.exeGet hashmaliciousAZORult++Browse
                                                                                                                                                                                                                                                                http://134.213.29.14:82/grep.x86_64Get hashmaliciousIPRoyal PawnsBrowse
                                                                                                                                                                                                                                                                  Cheater Pro 1.6.0.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                    Cheat Lab 2.7.2.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                      http://GENERALIVITALITYERLEBEN.DEGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                        http://generali-siegburg.deGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                          Evernote.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                            34.160.144.191http://94.156.79.129/x86_64Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                              http://94.156.79.129/i686Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                https://tibusiness.cl/css/causarol.rarGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                  nagateliteqfUK.exeGet hashmaliciousAZORult++Browse
                                                                                                                                                                                                                                                                                    http://134.213.29.14:82/grep.x86_64Get hashmaliciousIPRoyal PawnsBrowse
                                                                                                                                                                                                                                                                                      Cheater Pro 1.6.0.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        Cheat Lab 2.7.2.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                          http://GENERALIVITALITYERLEBEN.DEGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                            http://generali-siegburg.deGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                              Evernote.exeGet hashmaliciousLummaCBrowse

                                                                                                                                                                                                                                                                                                Domains

                                                                                                                                                                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                example.orghttps://tibusiness.cl/css/causarol.rarGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 93.184.215.14
                                                                                                                                                                                                                                                                                                nagateliteqfUK.exeGet hashmaliciousAZORult++Browse
                                                                                                                                                                                                                                                                                                • 93.184.215.14
                                                                                                                                                                                                                                                                                                Cheater Pro 1.6.0.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 93.184.216.34
                                                                                                                                                                                                                                                                                                Cheat Lab 2.7.2.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 93.184.216.34
                                                                                                                                                                                                                                                                                                Evernote.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                                                • 93.184.216.34
                                                                                                                                                                                                                                                                                                VLJWG-Y3VJN-21LNUV2-AHEB0VE.htaGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 93.184.216.34
                                                                                                                                                                                                                                                                                                https://mega.nz/file/1uN3EaxZ#CUbFeX5nzgfkR0qb6Ucg8nGbIFqE9cmqjhfatbJqPpkGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                • 93.184.216.34
                                                                                                                                                                                                                                                                                                vm.dllGet hashmaliciousCobaltStrikeBrowse
                                                                                                                                                                                                                                                                                                • 93.184.216.34
                                                                                                                                                                                                                                                                                                W2_AND_1095_PDF.jarGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 93.184.216.34
                                                                                                                                                                                                                                                                                                https://Chem.microsoft@cloudflare-ipfs.com/ipfs/bafkreif2klim7glbgcsrfe6lm7wfd2scwmhee5i6dglyggzgvjgl53zw2i/#ZGFuaWVsLmNhcmRhb0BjaGVtLmx1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 93.184.216.34
                                                                                                                                                                                                                                                                                                star-mini.c10r.facebook.comhttps://4yu76uyd4.best/ccon/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 157.240.14.35
                                                                                                                                                                                                                                                                                                https://shorturl.at/lMOT7Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 157.240.14.35
                                                                                                                                                                                                                                                                                                https://marinatitle.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 157.240.14.35
                                                                                                                                                                                                                                                                                                http://www.mh3solaroh.com/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                • 31.13.65.36
                                                                                                                                                                                                                                                                                                https://www.canva.com/design/DAGDNh45X_4/PPCLYIV4Y8uUaoEW7ZJrJQ/view?utm_content=DAGDNh45X_4&utm_campaign=designshare&utm_medium=link&utm_source=editorGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 31.13.65.36
                                                                                                                                                                                                                                                                                                https://www.canva.com/design/DAGDNh45X_4/PPCLYIV4Y8uUaoEW7ZJrJQ/view?utm_content=DAGDNh45X_4&utm_campaign=designshare&utm_medium=link&utm_source=editorGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 31.13.66.35
                                                                                                                                                                                                                                                                                                https://app.milanote.com/1RZbnl1zfBXuaf?p=r2B66sphbV4Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 157.240.14.35
                                                                                                                                                                                                                                                                                                https://cos-aliyun8789.towqzg.cn/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 157.240.14.35
                                                                                                                                                                                                                                                                                                http://confirmartucuentamsnaquimx.hstn.me/login.live.com_login_verify_credentials_outlook.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                • 31.13.88.35
                                                                                                                                                                                                                                                                                                https://jiujiuwanka.cn/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 31.13.88.35
                                                                                                                                                                                                                                                                                                services.addons.mozilla.orghttps://tibusiness.cl/css/causarol.rarGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 18.164.154.78
                                                                                                                                                                                                                                                                                                nagateliteqfUK.exeGet hashmaliciousAZORult++Browse
                                                                                                                                                                                                                                                                                                • 3.163.101.39
                                                                                                                                                                                                                                                                                                Cheater Pro 1.6.0.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 99.84.208.102
                                                                                                                                                                                                                                                                                                Cheat Lab 2.7.2.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 3.163.101.76
                                                                                                                                                                                                                                                                                                Evernote.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                                                • 13.225.63.110
                                                                                                                                                                                                                                                                                                https://mega.nz/file/1uN3EaxZ#CUbFeX5nzgfkR0qb6Ucg8nGbIFqE9cmqjhfatbJqPpkGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                • 18.173.166.98
                                                                                                                                                                                                                                                                                                vm.dllGet hashmaliciousCobaltStrikeBrowse
                                                                                                                                                                                                                                                                                                • 18.160.18.15
                                                                                                                                                                                                                                                                                                W2_AND_1095_PDF.jarGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 18.154.227.37
                                                                                                                                                                                                                                                                                                https://Chem.microsoft@cloudflare-ipfs.com/ipfs/bafkreif2klim7glbgcsrfe6lm7wfd2scwmhee5i6dglyggzgvjgl53zw2i/#ZGFuaWVsLmNhcmRhb0BjaGVtLmx1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 13.225.63.72
                                                                                                                                                                                                                                                                                                UpdaterTag.dllGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 18.164.154.78

                                                                                                                                                                                                                                                                                                ASNs

                                                                                                                                                                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                GOOGLE-AS-APGoogleAsiaPacificPteLtdSGj1zkOQTx4q.exeGet hashmaliciousRisePro StealerBrowse
                                                                                                                                                                                                                                                                                                • 34.117.186.192
                                                                                                                                                                                                                                                                                                http://www.vacationscenter.mxGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 34.117.118.44
                                                                                                                                                                                                                                                                                                https://url.us.m.mimecastprotect.com/s/qkT5Cv2pWyUOjZODty9fnF?domain=google.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 34.117.250.57
                                                                                                                                                                                                                                                                                                file.exeGet hashmaliciousRisePro StealerBrowse
                                                                                                                                                                                                                                                                                                • 34.117.186.192
                                                                                                                                                                                                                                                                                                file.exeGet hashmaliciousPureLog Stealer, RisePro Stealer, zgRATBrowse
                                                                                                                                                                                                                                                                                                • 34.117.186.192
                                                                                                                                                                                                                                                                                                file.exeGet hashmaliciousClipboard Hijacker, RisePro StealerBrowse
                                                                                                                                                                                                                                                                                                • 34.117.186.192
                                                                                                                                                                                                                                                                                                0ar3q66pGv.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                • 34.116.69.95
                                                                                                                                                                                                                                                                                                http://94.156.79.129/x86_64Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 34.117.121.53
                                                                                                                                                                                                                                                                                                http://94.156.79.129/i686Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 34.117.121.53
                                                                                                                                                                                                                                                                                                http://crunchersflowdigital.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 34.117.186.192
                                                                                                                                                                                                                                                                                                ATGS-MMD-ASUShttps://autode.sk/4bb5BeVGet hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                • 34.160.78.217
                                                                                                                                                                                                                                                                                                https://url.us.m.mimecastprotect.com/s/qkT5Cv2pWyUOjZODty9fnF?domain=google.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 34.149.20.76
                                                                                                                                                                                                                                                                                                http://www.mh3solaroh.com/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                • 34.49.229.81
                                                                                                                                                                                                                                                                                                WwKYOW4jIg.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                • 48.27.158.173
                                                                                                                                                                                                                                                                                                tw7rloKDkG.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                • 48.231.233.104
                                                                                                                                                                                                                                                                                                ZcOjro0Chh.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                • 34.63.62.117
                                                                                                                                                                                                                                                                                                dwn1cGHIbV.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                • 32.240.8.128
                                                                                                                                                                                                                                                                                                0ar3q66pGv.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                • 34.37.148.10
                                                                                                                                                                                                                                                                                                SecuriteInfo.com.W64.Remsim.A.gen.Eldorado.5736.8171.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 34.173.17.153
                                                                                                                                                                                                                                                                                                SecuriteInfo.com.W64.Remsim.A.gen.Eldorado.5736.8171.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 34.173.17.153
                                                                                                                                                                                                                                                                                                ATGS-MMD-ASUShttps://autode.sk/4bb5BeVGet hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                • 34.160.78.217
                                                                                                                                                                                                                                                                                                https://url.us.m.mimecastprotect.com/s/qkT5Cv2pWyUOjZODty9fnF?domain=google.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 34.149.20.76
                                                                                                                                                                                                                                                                                                http://www.mh3solaroh.com/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                • 34.49.229.81
                                                                                                                                                                                                                                                                                                WwKYOW4jIg.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                • 48.27.158.173
                                                                                                                                                                                                                                                                                                tw7rloKDkG.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                • 48.231.233.104
                                                                                                                                                                                                                                                                                                ZcOjro0Chh.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                • 34.63.62.117
                                                                                                                                                                                                                                                                                                dwn1cGHIbV.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                • 32.240.8.128
                                                                                                                                                                                                                                                                                                0ar3q66pGv.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                • 34.37.148.10
                                                                                                                                                                                                                                                                                                SecuriteInfo.com.W64.Remsim.A.gen.Eldorado.5736.8171.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 34.173.17.153
                                                                                                                                                                                                                                                                                                SecuriteInfo.com.W64.Remsim.A.gen.Eldorado.5736.8171.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 34.173.17.153
                                                                                                                                                                                                                                                                                                MIT-GATEWAYSUShttps://4yu76uyd4.best/ccon/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 18.173.166.42
                                                                                                                                                                                                                                                                                                https://autode.sk/4bb5BeVGet hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                • 18.160.18.96
                                                                                                                                                                                                                                                                                                https://url.us.m.mimecastprotect.com/s/qkT5Cv2pWyUOjZODty9fnF?domain=google.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 18.64.153.203
                                                                                                                                                                                                                                                                                                https://j4tpu.bpmsafelink.com/c/0aR4TTLkLUqplUI-2TrhdAGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                • 18.164.78.99
                                                                                                                                                                                                                                                                                                0tfJECfbEP.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                • 18.56.189.88
                                                                                                                                                                                                                                                                                                http://www.mh3solaroh.com/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                • 18.165.116.61
                                                                                                                                                                                                                                                                                                tw7rloKDkG.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                • 19.221.246.15
                                                                                                                                                                                                                                                                                                https://runrun.it/share/portal/x1pWDYC5l2f72kuwGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                • 18.164.78.6
                                                                                                                                                                                                                                                                                                https://runrun.it/share/portal/x1pWDYC5l2f72kuwGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                • 18.164.78.72
                                                                                                                                                                                                                                                                                                http://seattlend.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 18.160.15.172

                                                                                                                                                                                                                                                                                                JA3 Fingerprints

                                                                                                                                                                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                fb0aa01abe9d8e4037eb3473ca6e2dcanagateliteqfUK.exeGet hashmaliciousAZORult++Browse
                                                                                                                                                                                                                                                                                                • 35.244.181.201
                                                                                                                                                                                                                                                                                                • 34.149.100.209
                                                                                                                                                                                                                                                                                                • 34.160.144.191
                                                                                                                                                                                                                                                                                                • 18.173.166.117
                                                                                                                                                                                                                                                                                                • 34.120.208.123
                                                                                                                                                                                                                                                                                                Cheater Pro 1.6.0.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 35.244.181.201
                                                                                                                                                                                                                                                                                                • 34.149.100.209
                                                                                                                                                                                                                                                                                                • 34.160.144.191
                                                                                                                                                                                                                                                                                                • 18.173.166.117
                                                                                                                                                                                                                                                                                                • 34.120.208.123
                                                                                                                                                                                                                                                                                                Cheat Lab 2.7.2.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 35.244.181.201
                                                                                                                                                                                                                                                                                                • 34.149.100.209
                                                                                                                                                                                                                                                                                                • 34.160.144.191
                                                                                                                                                                                                                                                                                                • 18.173.166.117
                                                                                                                                                                                                                                                                                                • 34.120.208.123
                                                                                                                                                                                                                                                                                                Evernote.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                                                • 35.244.181.201
                                                                                                                                                                                                                                                                                                • 34.149.100.209
                                                                                                                                                                                                                                                                                                • 34.160.144.191
                                                                                                                                                                                                                                                                                                • 18.173.166.117
                                                                                                                                                                                                                                                                                                • 34.120.208.123
                                                                                                                                                                                                                                                                                                VLJWG-Y3VJN-21LNUV2-AHEB0VE.htaGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 35.244.181.201
                                                                                                                                                                                                                                                                                                • 34.149.100.209
                                                                                                                                                                                                                                                                                                • 34.160.144.191
                                                                                                                                                                                                                                                                                                • 18.173.166.117
                                                                                                                                                                                                                                                                                                • 34.120.208.123
                                                                                                                                                                                                                                                                                                https://mega.nz/file/1uN3EaxZ#CUbFeX5nzgfkR0qb6Ucg8nGbIFqE9cmqjhfatbJqPpkGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                • 35.244.181.201
                                                                                                                                                                                                                                                                                                • 34.149.100.209
                                                                                                                                                                                                                                                                                                • 34.160.144.191
                                                                                                                                                                                                                                                                                                • 18.173.166.117
                                                                                                                                                                                                                                                                                                • 34.120.208.123
                                                                                                                                                                                                                                                                                                vm.dllGet hashmaliciousCobaltStrikeBrowse
                                                                                                                                                                                                                                                                                                • 35.244.181.201
                                                                                                                                                                                                                                                                                                • 34.149.100.209
                                                                                                                                                                                                                                                                                                • 34.160.144.191
                                                                                                                                                                                                                                                                                                • 18.173.166.117
                                                                                                                                                                                                                                                                                                • 34.120.208.123
                                                                                                                                                                                                                                                                                                W2_AND_1095_PDF.jarGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 35.244.181.201
                                                                                                                                                                                                                                                                                                • 34.149.100.209
                                                                                                                                                                                                                                                                                                • 34.160.144.191
                                                                                                                                                                                                                                                                                                • 18.173.166.117
                                                                                                                                                                                                                                                                                                • 34.120.208.123
                                                                                                                                                                                                                                                                                                UpdaterTag.dllGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 35.244.181.201
                                                                                                                                                                                                                                                                                                • 34.149.100.209
                                                                                                                                                                                                                                                                                                • 34.160.144.191
                                                                                                                                                                                                                                                                                                • 18.173.166.117
                                                                                                                                                                                                                                                                                                • 34.120.208.123
                                                                                                                                                                                                                                                                                                ZoominstallerFull.exeGet hashmaliciousPureLog Stealer, RedLine, zgRATBrowse
                                                                                                                                                                                                                                                                                                • 35.244.181.201
                                                                                                                                                                                                                                                                                                • 34.149.100.209
                                                                                                                                                                                                                                                                                                • 34.160.144.191
                                                                                                                                                                                                                                                                                                • 18.173.166.117
                                                                                                                                                                                                                                                                                                • 34.120.208.123

                                                                                                                                                                                                                                                                                                Dropped Files

                                                                                                                                                                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmphttps://tibusiness.cl/css/causarol.rarGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                  Cheater Pro 1.6.0.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                    Cheat Lab 2.7.2.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                      Evernote.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                                                        https://mega.nz/file/1uN3EaxZ#CUbFeX5nzgfkR0qb6Ucg8nGbIFqE9cmqjhfatbJqPpkGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                          vm.dllGet hashmaliciousCobaltStrikeBrowse
                                                                                                                                                                                                                                                                                                            W2_AND_1095_PDF.jarGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                              UpdaterTag.dllGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                YmXa44bW67.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  YmXa44bW67.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)https://tibusiness.cl/css/causarol.rarGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                      Cheater Pro 1.6.0.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        Cheat Lab 2.7.2.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                          Evernote.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                                                                            https://mega.nz/file/1uN3EaxZ#CUbFeX5nzgfkR0qb6Ucg8nGbIFqE9cmqjhfatbJqPpkGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                                              vm.dllGet hashmaliciousCobaltStrikeBrowse
                                                                                                                                                                                                                                                                                                                                W2_AND_1095_PDF.jarGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                  UpdaterTag.dllGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                    YmXa44bW67.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                                      YmXa44bW67.exeGet hashmaliciousUnknownBrowse

                                                                                                                                                                                                                                                                                                                                        Created / dropped Files

                                                                                                                                                                                                                                                                                                                                        C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\uninstall_ping_308046B0AF4A39CB_2081319e-e41d-4321-9a17-b9c342156d2b.json (copy)

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):7598
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.176108269989398
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:192:ILMimATcbhbVbTbfbRbObtbyEl7n0JA6UnSrDtTEd/S9b:Iw+cNhnzFSJnLnSrDhEd/g
                                                                                                                                                                                                                                                                                                                                        MD5:ACFFBC9F046D2F5D5F7E5B3C800812D0
                                                                                                                                                                                                                                                                                                                                        SHA1:398438348E08CF474372841E435CC320CAF9F094
                                                                                                                                                                                                                                                                                                                                        SHA-256:3C556101E6B8201C282A74CBC7BB79393B0AE3F09D58FCBB5BC95D08145A90C6
                                                                                                                                                                                                                                                                                                                                        SHA-512:91C47D5B5BA73852146AFB807C3374A32C2E95FE3C1E1764D0B800BA5C01E7F3291816FA6D6CCF2C3600D7D9AE18B7E9E5C19EBEC335D024B7A69FC6799B31A1
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Reputation:low
                                                                                                                                                                                                                                                                                                                                        Preview:{"type":"uninstall","id":"2081319e-e41d-4321-9a17-b9c342156d2b","creationDate":"2024-04-26T07:11:27.063Z","version":4,"application":{"architecture":"x86-64","buildId":"20230927232528","name":"Firefox","version":"118.0.1","displayVersion":"118.0.1","vendor":"Mozilla","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","channel":"release"},"payload":{"otherInstalls":0},"clientId":"413174e6-2d70-4d17-b528-bf49e920b3c6","environment":{"build":{"applicationId":"{ec8030f7-c20a-464f-9b0e-13a3a9e97384}","applicationName":"Firefox","architecture":"x86-64","buildId":"20230927232528","version":"118.0.1","vendor":"Mozilla","displayVersion":"118.0.1","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","updaterAvailable":true},"partner":{"distributionId":null,"distributionVersion":null,"partnerId":null,"distributor":null,"distributorChannel":null,"partnerNames":[]},"system":{"memoryMB":8191,"virtualMaxMB":134217728,"cpu":{"isWindowsSMode":false,"count":4,"cores":4,"vendor":"GenuineIntel","name":"I

                                                                                                                                                                                                                                                                                                                                        C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\uninstall_ping_308046B0AF4A39CB_2081319e-e41d-4321-9a17-b9c342156d2b.json.tmp

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):7598
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.176108269989398
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:192:ILMimATcbhbVbTbfbRbObtbyEl7n0JA6UnSrDtTEd/S9b:Iw+cNhnzFSJnLnSrDhEd/g
                                                                                                                                                                                                                                                                                                                                        MD5:ACFFBC9F046D2F5D5F7E5B3C800812D0
                                                                                                                                                                                                                                                                                                                                        SHA1:398438348E08CF474372841E435CC320CAF9F094
                                                                                                                                                                                                                                                                                                                                        SHA-256:3C556101E6B8201C282A74CBC7BB79393B0AE3F09D58FCBB5BC95D08145A90C6
                                                                                                                                                                                                                                                                                                                                        SHA-512:91C47D5B5BA73852146AFB807C3374A32C2E95FE3C1E1764D0B800BA5C01E7F3291816FA6D6CCF2C3600D7D9AE18B7E9E5C19EBEC335D024B7A69FC6799B31A1
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Reputation:low
                                                                                                                                                                                                                                                                                                                                        Preview:{"type":"uninstall","id":"2081319e-e41d-4321-9a17-b9c342156d2b","creationDate":"2024-04-26T07:11:27.063Z","version":4,"application":{"architecture":"x86-64","buildId":"20230927232528","name":"Firefox","version":"118.0.1","displayVersion":"118.0.1","vendor":"Mozilla","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","channel":"release"},"payload":{"otherInstalls":0},"clientId":"413174e6-2d70-4d17-b528-bf49e920b3c6","environment":{"build":{"applicationId":"{ec8030f7-c20a-464f-9b0e-13a3a9e97384}","applicationName":"Firefox","architecture":"x86-64","buildId":"20230927232528","version":"118.0.1","vendor":"Mozilla","displayVersion":"118.0.1","platformVersion":"118.0.1","xpcomAbi":"x86_64-msvc","updaterAvailable":true},"partner":{"distributionId":null,"distributionVersion":null,"partnerId":null,"distributor":null,"distributorChannel":null,"partnerNames":[]},"system":{"memoryMB":8191,"virtualMaxMB":134217728,"cpu":{"isWindowsSMode":false,"count":4,"cores":4,"vendor":"GenuineIntel","name":"I

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):290
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.209976442555599
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:6:+7VNJIq2PRN2nKuAl9OmbnIFUt8F7VIZmw+F7VQkwORN2nKuAl9OmbjLJ:uJIvaHAahFUt8A/+o5JHAaSJ
                                                                                                                                                                                                                                                                                                                                        MD5:56B63FA680FE8E02D7E4949239A7E8C7
                                                                                                                                                                                                                                                                                                                                        SHA1:A312764122033167586508482A9848707D08D5B8
                                                                                                                                                                                                                                                                                                                                        SHA-256:B0DD2C4CB6D2DBF2D9E7300C419208143D8386A229B829D917304BB260D8CF39
                                                                                                                                                                                                                                                                                                                                        SHA-512:E9840211AB765AFD9B42595ED5DC2827488E24B840B15919D61ACF686C09BD2A47887689CEE7E263F4034CE7F4703C96962BF5A4CEA0CED08128B5550B9FFCEB
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Reputation:low
                                                                                                                                                                                                                                                                                                                                        Preview:2024/04/26-07:29:04.033 1584 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2024/04/26-07:29:04.034 1584 Recovering log #3.2024/04/26-07:29:04.034 1584 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):290
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.209976442555599
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:6:+7VNJIq2PRN2nKuAl9OmbnIFUt8F7VIZmw+F7VQkwORN2nKuAl9OmbjLJ:uJIvaHAahFUt8A/+o5JHAaSJ
                                                                                                                                                                                                                                                                                                                                        MD5:56B63FA680FE8E02D7E4949239A7E8C7
                                                                                                                                                                                                                                                                                                                                        SHA1:A312764122033167586508482A9848707D08D5B8
                                                                                                                                                                                                                                                                                                                                        SHA-256:B0DD2C4CB6D2DBF2D9E7300C419208143D8386A229B829D917304BB260D8CF39
                                                                                                                                                                                                                                                                                                                                        SHA-512:E9840211AB765AFD9B42595ED5DC2827488E24B840B15919D61ACF686C09BD2A47887689CEE7E263F4034CE7F4703C96962BF5A4CEA0CED08128B5550B9FFCEB
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:2024/04/26-07:29:04.033 1584 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2024/04/26-07:29:04.034 1584 Recovering log #3.2024/04/26-07:29:04.034 1584 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):334
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.196201602000643
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:6:+73cM+q2PRN2nKuAl9Ombzo2jMGIFUt8F7zYNJZmw+F7zYNcMVkwORN2nKuAl9OU:vM+vaHAa8uFUt8VU/+VPMV5JHAa8RJ
                                                                                                                                                                                                                                                                                                                                        MD5:83525CD5082095537ADFBC199804EC0D
                                                                                                                                                                                                                                                                                                                                        SHA1:59DC46C24D930D25EE5241AC6B9D4F90E12BFC90
                                                                                                                                                                                                                                                                                                                                        SHA-256:691B5DCF770EE1E911A584375A50D77690D2A8C1DAA2FD38FD854A588C6D27C7
                                                                                                                                                                                                                                                                                                                                        SHA-512:22D7628E3DCFF543E3B522B3D3F29352F450E4B896E307641F6B792619F01FE35EE0976E17FABB8C8995E7BA79E2E483FF87281B080CE217C5FB32CB5259445B
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:2024/04/26-07:29:03.956 19fc Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/MANIFEST-000001.2024/04/26-07:29:03.959 19fc Recovering log #3.2024/04/26-07:29:03.959 19fc Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):334
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.196201602000643
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:6:+73cM+q2PRN2nKuAl9Ombzo2jMGIFUt8F7zYNJZmw+F7zYNcMVkwORN2nKuAl9OU:vM+vaHAa8uFUt8VU/+VPMV5JHAa8RJ
                                                                                                                                                                                                                                                                                                                                        MD5:83525CD5082095537ADFBC199804EC0D
                                                                                                                                                                                                                                                                                                                                        SHA1:59DC46C24D930D25EE5241AC6B9D4F90E12BFC90
                                                                                                                                                                                                                                                                                                                                        SHA-256:691B5DCF770EE1E911A584375A50D77690D2A8C1DAA2FD38FD854A588C6D27C7
                                                                                                                                                                                                                                                                                                                                        SHA-512:22D7628E3DCFF543E3B522B3D3F29352F450E4B896E307641F6B792619F01FE35EE0976E17FABB8C8995E7BA79E2E483FF87281B080CE217C5FB32CB5259445B
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:2024/04/26-07:29:03.956 19fc Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/MANIFEST-000001.2024/04/26-07:29:03.959 19fc Recovering log #3.2024/04/26-07:29:03.959 19fc Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):4099
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.231037454315794
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:96:OLSw0bSwIAnrRqLX2rSq1OUxu/0OZ0xRBTxekN8xeklUWAI6x:OLT0bTIeYa51Ogu/0OZARBT8kN88klIj
                                                                                                                                                                                                                                                                                                                                        MD5:DF3D7598117D92CBC619D8C733F87C0E
                                                                                                                                                                                                                                                                                                                                        SHA1:1B8DD60126A6C115FCFC31A1DE64022AD5846458
                                                                                                                                                                                                                                                                                                                                        SHA-256:B196D9150BF5E38C2C44D6CFBA07725506065D52BB9C55615EBD5676B36D8B52
                                                                                                                                                                                                                                                                                                                                        SHA-512:D9FF6B84426053056ADD817CC160BC000D07C48E9BA94931CAB12DC955E09C98DB87B6D5DE1576207C4178D830AA582E9F4D3AEDB2126CB428280C7547F8F54C
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:*...#................version.1..namespace-e...o................next-map-id.1.Pnamespace-1d95df23_a38f_44a8_b732_4e62dd896a16-https://rna-resource.acrobat.com/.0y.S_r................next-map-id.2.Snamespace-2a884c18_b39c_4e3d_942f_252e530ca4bd-https://rna-v2-resource.acrobat.com/.16.X:r................next-map-id.3.Snamespace-2e78bfda_7188_4688_a4aa_1ff81b6e5eaa-https://rna-v2-resource.acrobat.com/.2.P.@o................next-map-id.4.Pnamespace-09c119c2_97bc_4467_8f67_f92472c9e5dc-https://rna-resource.acrobat.com/.346.+^...............Pnamespace-1d95df23_a38f_44a8_b732_4e62dd896a16-https://rna-resource.acrobat.com/....^...............Pnamespace-09c119c2_97bc_4467_8f67_f92472c9e5dc-https://rna-resource.acrobat.com/..?&a...............Snamespace-2a884c18_b39c_4e3d_942f_252e530ca4bd-https://rna-v2-resource.acrobat.com/_...a...............Snamespace-2e78bfda_7188_4688_a4aa_1ff81b6e5eaa-https://rna-v2-resource.acrobat.com/...o................next-map-id.5.Pnamespace-07af9ee9_2076_4f12_94b5_

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):322
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.192906275546808
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:6:+7VMGNcM+q2PRN2nKuAl9OmbzNMxIFUt8F7V0JZmw+F7VecMVkwORN2nKuAl9Omk:cqM+vaHAa8jFUt8O/+DMV5JHAa84J
                                                                                                                                                                                                                                                                                                                                        MD5:FE5D8940317747377F7C8F84590A4231
                                                                                                                                                                                                                                                                                                                                        SHA1:C0982E66CF4253B0916A4A4E41BCE87A7AD87B3F
                                                                                                                                                                                                                                                                                                                                        SHA-256:DB5D62817D3E597CF78DB96EE633CBAD3701983B893C203AD1E089B21CB6C34D
                                                                                                                                                                                                                                                                                                                                        SHA-512:13514F5720F413BFB62FCF62AE26090BB9BBE49190E2FA847E78CB2AE77C226FFF3A4E11B26AC0A16C2D3DF7403DD8988E2D4E30ACA595D55435E5539B722807
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:2024/04/26-07:29:04.065 19fc Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/MANIFEST-000001.2024/04/26-07:29:04.066 19fc Recovering log #3.2024/04/26-07:29:04.068 19fc Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):322
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.192906275546808
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:6:+7VMGNcM+q2PRN2nKuAl9OmbzNMxIFUt8F7V0JZmw+F7VecMVkwORN2nKuAl9Omk:cqM+vaHAa8jFUt8O/+DMV5JHAa84J
                                                                                                                                                                                                                                                                                                                                        MD5:FE5D8940317747377F7C8F84590A4231
                                                                                                                                                                                                                                                                                                                                        SHA1:C0982E66CF4253B0916A4A4E41BCE87A7AD87B3F
                                                                                                                                                                                                                                                                                                                                        SHA-256:DB5D62817D3E597CF78DB96EE633CBAD3701983B893C203AD1E089B21CB6C34D
                                                                                                                                                                                                                                                                                                                                        SHA-512:13514F5720F413BFB62FCF62AE26090BB9BBE49190E2FA847E78CB2AE77C226FFF3A4E11B26AC0A16C2D3DF7403DD8988E2D4E30ACA595D55435E5539B722807
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:2024/04/26-07:29:04.065 19fc Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/MANIFEST-000001.2024/04/26-07:29:04.066 19fc Recovering log #3.2024/04/26-07:29:04.068 19fc Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeFnt23.lst.4712

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                                                                                                                                                                                                                                                        File Type:PostScript document text
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):185099
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.182478651346149
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:1536:JsVoWFMWQNk1KUQII5J5lZRT95tFiQibVJDS+Stu/3IVQBrp3Mv9df0CXLhNHqTM:bViyFXE07ZmandGCyN2mM7IgOP0gC
                                                                                                                                                                                                                                                                                                                                        MD5:94185C5850C26B3C6FC24ABC385CDA58
                                                                                                                                                                                                                                                                                                                                        SHA1:42F042285037B0C35BC4226D387F88C770AB5CAA
                                                                                                                                                                                                                                                                                                                                        SHA-256:1D9979A98F7C4B3073BC03EE9D974CCE9FE265A1E2F8E9EE26A4A5528419E808
                                                                                                                                                                                                                                                                                                                                        SHA-512:652657C00DD6AED1A132E1DFD0B97B8DF233CDC257DA8F75AC9F2428F2F7715186EA8B3B24F8350D409CC3D49AFDD36E904B077E28B4AD3E4D08B4DBD5714344
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:%!Adobe-FontList 1.23.%Locale:0x809..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:AgencyFB-Reg.FamilyName:Agency FB.StyleName:Regular.MenuName:Agency FB.StyleBits:0.WeightClass:400.WidthClass:3.AngleClass:0.FullName:Agency FB.WritingScript:Roman.hasSVG:no.hasCOLR:no.VariableFontType:NonVariableFont.WinName:Agency FB.FileLength:58920.NameArray:0,Win,1,Agency FB.NameArray:0,Mac,4,Agency FB.NameArray:0,Win,1,Agency FB.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:AgencyFB-Bold.FamilyName:Agency FB.StyleName:Bold.MenuName:Agency FB.StyleBits:2.WeightClass:700.WidthClass:3.AngleClass:0.FullName:Agency FB Bold.WritingScript:Roman.hasSVG:no.hasCOLR:no.VariableFontType:NonVariableFont.WinName:Agency FB Bold.FileLength:60656.NameArray:0,Win,1,Agency FB.NameArray:0,Mac,4,Agency FB Bold.NameArray:0,Win,1,Agency FB.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:Algerian.FamilyName:Algerian.StyleName:Regular.MenuName:Algerian.StyleBits:0.We

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeSysFnt23.lst (copy)

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                                                                                                                                                                                                                                                        File Type:PostScript document text
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):185099
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.182478651346149
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:1536:JsVoWFMWQNk1KUQII5J5lZRT95tFiQibVJDS+Stu/3IVQBrp3Mv9df0CXLhNHqTM:bViyFXE07ZmandGCyN2mM7IgOP0gC
                                                                                                                                                                                                                                                                                                                                        MD5:94185C5850C26B3C6FC24ABC385CDA58
                                                                                                                                                                                                                                                                                                                                        SHA1:42F042285037B0C35BC4226D387F88C770AB5CAA
                                                                                                                                                                                                                                                                                                                                        SHA-256:1D9979A98F7C4B3073BC03EE9D974CCE9FE265A1E2F8E9EE26A4A5528419E808
                                                                                                                                                                                                                                                                                                                                        SHA-512:652657C00DD6AED1A132E1DFD0B97B8DF233CDC257DA8F75AC9F2428F2F7715186EA8B3B24F8350D409CC3D49AFDD36E904B077E28B4AD3E4D08B4DBD5714344
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:%!Adobe-FontList 1.23.%Locale:0x809..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:AgencyFB-Reg.FamilyName:Agency FB.StyleName:Regular.MenuName:Agency FB.StyleBits:0.WeightClass:400.WidthClass:3.AngleClass:0.FullName:Agency FB.WritingScript:Roman.hasSVG:no.hasCOLR:no.VariableFontType:NonVariableFont.WinName:Agency FB.FileLength:58920.NameArray:0,Win,1,Agency FB.NameArray:0,Mac,4,Agency FB.NameArray:0,Win,1,Agency FB.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:AgencyFB-Bold.FamilyName:Agency FB.StyleName:Bold.MenuName:Agency FB.StyleBits:2.WeightClass:700.WidthClass:3.AngleClass:0.FullName:Agency FB Bold.WritingScript:Roman.hasSVG:no.hasCOLR:no.VariableFontType:NonVariableFont.WinName:Agency FB Bold.FileLength:60656.NameArray:0,Win,1,Agency FB.NameArray:0,Mac,4,Agency FB Bold.NameArray:0,Win,1,Agency FB.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:Algerian.FamilyName:Algerian.StyleName:Regular.MenuName:Algerian.StyleBits:0.We

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\TESTING

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):4
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.8112781244591328
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:3:e:e
                                                                                                                                                                                                                                                                                                                                        MD5:DC84B0D741E5BEAE8070013ADDCC8C28
                                                                                                                                                                                                                                                                                                                                        SHA1:802F4A6A20CBF157AAF6C4E07E4301578D5936A2
                                                                                                                                                                                                                                                                                                                                        SHA-256:81FF65EFC4487853BDB4625559E69AB44F19E0F5EFBD6D5B2AF5E3AB267C8E06
                                                                                                                                                                                                                                                                                                                                        SHA-512:65D5F2A173A43ED2089E3934EB48EA02DD9CCE160D539A47D33A616F29554DBD7AF5D62672DA1637E0466333A78AAA023CBD95846A50AC994947DC888AB6AB71
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:....

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\SOPHIA.json

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):1969
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.060535857234811
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:48:YxAiESbjWbj2CjxjZ4oijxi+0jPjrVbjBgajF:2XWP2ERaTx3y7BPBgMF
                                                                                                                                                                                                                                                                                                                                        MD5:5CF1E6A13C8AC4702C8DC64B9FB907D6
                                                                                                                                                                                                                                                                                                                                        SHA1:57AC8C6DCAF10057D9E6AF555EB1BCB33D946DC4
                                                                                                                                                                                                                                                                                                                                        SHA-256:84928D99E774CEE82D19503442AD86A9BEE1996D59019BCECAAAC25B7E3FE046
                                                                                                                                                                                                                                                                                                                                        SHA-512:B450FE4B956CE64D5D83CCCB5F6DCBF34907EEB049A27818307A300F3C2B23A13C71C9DB46BADE2B6D269BF60CEA213A89280ADBA8FB7223E1AD8D6BB6EC848A
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:{"all":[{"id":"TESTING","info":{"dg":"DG","sid":"TESTING"},"mimeType":"file","size":4,"ts":1714109344000},{"id":"DC_Reader_Home_LHP_Trial_Banner","info":{"dg":"f44756c6e08822e64c0e471a2499e34d","sid":"DC_Reader_Home_LHP_Trial_Banner"},"mimeType":"file","size":295,"ts":1696585148000},{"id":"DC_Reader_Disc_LHP_Banner","info":{"dg":"e8f53b6740aba22a83a1a569cebedbcc","sid":"DC_Reader_Disc_LHP_Banner"},"mimeType":"file","size":1250,"ts":1696585148000},{"id":"DC_Reader_Sign_LHP_Banner","info":{"dg":"ab062dea95f25ef019cc2f5f5f0121d4","sid":"DC_Reader_Sign_LHP_Banner"},"mimeType":"file","size":1250,"ts":1696583346000},{"id":"DC_Reader_Convert_LHP_Banner","info":{"dg":"65580efad4bc88b91040ff50d71bfae9","sid":"DC_Reader_Convert_LHP_Banner"},"mimeType":"file","size":1255,"ts":1696583346000},{"id":"DC_Reader_Edit_LHP_Banner","info":{"dg":"f8ce16c8d78d640728012d308f601433","sid":"DC_Reader_Edit_LHP_Banner"},"mimeType":"file","size":1230,"ts":1696583346000},{"id":"DC_Reader_RHP_Banner","info":{"dg":

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                                                                                                                                                                                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3040000, file counter 19, database pages 3, cookie 0x2, schema 4, UTF-8, version-valid-for 19
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):12288
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.9876416259958756
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:24:TLHRx/XYKQvGJF7urs67Y9QmQ6QeRjIcLESiAieZjF:TVl2GL7ms67YXtricI8H
                                                                                                                                                                                                                                                                                                                                        MD5:194326D760E3ACCFA7D26CF3F363AF52
                                                                                                                                                                                                                                                                                                                                        SHA1:9B37EEA1FC44082F2997DF7ED88898DD4375576B
                                                                                                                                                                                                                                                                                                                                        SHA-256:AF778BB169799975988F91EDB5BD4F4706239F9B020E424F493F492556F8EB50
                                                                                                                                                                                                                                                                                                                                        SHA-512:0D67B5EBF55BEED4FD78416DA647A29E408E57B545D012DC40F7BEAFBE97288E837EC2EE7AC3CBA3BE8C513E167D35E18A0C1EAA95BB066FB7C64D8BA7E5918D
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:SQLite format 3......@ ..........................................................................c.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SharedDataEvents-journal

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                                                                                                                                                                                                                                                        File Type:SQLite Rollback Journal
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):8720
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):1.344267397050044
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:24:7+tHmASY9QmQ6QeRj7cLESiAi0mY9QSWWqLBx/XYKQvGJF7urs6o:7MHmlYXtrtcI8KYNRqll2GL7ms6o
                                                                                                                                                                                                                                                                                                                                        MD5:A4E04532630F912EAF7738649A96A8D3
                                                                                                                                                                                                                                                                                                                                        SHA1:F2DB3068D0B133710196B79EC64F1E8C2B0602DF
                                                                                                                                                                                                                                                                                                                                        SHA-256:C189805C70A79B4FF6809D67BAA9A2EFF1632D4C0BFA26A6EED2749490C601EF
                                                                                                                                                                                                                                                                                                                                        SHA-512:0B98A094B9D75EC74FB8796891A820DC285AD4B57B73203E1FCC8C7E40E5880D267105F0A92CF3ADC7817EEDBB2A5F1D6FBED11A09EC132760F8924B74658B3B
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:.... .c........d......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................j...#..#.#.#.#.#.#.#.#.7.7........................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2024-04-26 07-29-03-485.log

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (393)
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):16525
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.353642815103214
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:384:tbxtsuP+XEWJJQbnR8L31M7HeltV+KYm3wsa2KjF4ODkr/O8r2IUHUHMWwEyZRN2:aPL
                                                                                                                                                                                                                                                                                                                                        MD5:91F06491552FC977E9E8AF47786EE7C1
                                                                                                                                                                                                                                                                                                                                        SHA1:8FEB27904897FFCC2BE1A985D479D7F75F11CEFC
                                                                                                                                                                                                                                                                                                                                        SHA-256:06582F9F48220653B0CB355A53A9B145DA049C536D00095C57FCB3E941BA90BB
                                                                                                                                                                                                                                                                                                                                        SHA-512:A63E6E0D25B88EBB6602885AB8E91167D37267B24516A11F7492F48876D3DDCAE44FFC386E146F3CF6EB4FA6AF251602143F254687B17FCFE6F00783095C5082
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:SessionID=ec4bacf2-5410-40d4-850b-5ac338f864f3.1696585143072 Timestamp=2023-10-06T11:39:03:072+0200 ThreadID=6404 Component=ngl-lib_NglAppLib Description="-------- Initializing session logs --------".SessionID=ec4bacf2-5410-40d4-850b-5ac338f864f3.1696585143072 Timestamp=2023-10-06T11:39:03:072+0200 ThreadID=6404 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: No operating configs found".SessionID=ec4bacf2-5410-40d4-850b-5ac338f864f3.1696585143072 Timestamp=2023-10-06T11:39:03:072+0200 ThreadID=6404 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: Fallback to NAMED_USER_ONLINE!!".SessionID=ec4bacf2-5410-40d4-850b-5ac338f864f3.1696585143072 Timestamp=2023-10-06T11:39:03:073+0200 ThreadID=6404 Component=ngl-lib_NglAppLib Description="SetConfig: OS Name=WINDOWS_64, OS Version=10.0.19045.1".SessionID=ec4bacf2-5410-40d4-850b-5ac338f864f3.1696585143072 Timestamp=2023-10-06T11:39:03:073+0200 ThreadID=6404 Component=ngl-lib_NglAppLib Description="SetConfig:

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (393), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):15114
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.37800370091663
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:384:7RlUdZolMXvssV13VUvKRHyaRGqlCKhT0mvF9NJsl7g+YUOEKU9ru+PygCG4pJxd:rC
                                                                                                                                                                                                                                                                                                                                        MD5:CC3C20128DF428DD58F8AF9696FF03EE
                                                                                                                                                                                                                                                                                                                                        SHA1:1D856AB6DD4B0B08F1C9004BE0C398667141858A
                                                                                                                                                                                                                                                                                                                                        SHA-256:F5DF4B9FEEFEC6BF9C3A96FBD4C98FC5DF31B4BDA520D07339FE1FD70713CA75
                                                                                                                                                                                                                                                                                                                                        SHA-512:781F05083A653B3285A3CF8444F3167B02E76583AA89FD0E9B183860EFB6B6A61520F2B7914F6B70123EEBEE093581D363EAB4701AF84E00B9544CCDBF1DF5D4
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:SessionID=ba316382-33ec-4bf6-9d21-95727ea38c3a.1714109343515 Timestamp=2024-04-26T07:29:03:515+0200 ThreadID=4588 Component=ngl-lib_NglAppLib Description="-------- Initializing session logs --------"..SessionID=ba316382-33ec-4bf6-9d21-95727ea38c3a.1714109343515 Timestamp=2024-04-26T07:29:03:517+0200 ThreadID=4588 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: No operating configs found"..SessionID=ba316382-33ec-4bf6-9d21-95727ea38c3a.1714109343515 Timestamp=2024-04-26T07:29:03:517+0200 ThreadID=4588 Component=ngl-lib_kOperatingConfig Description="GetRuntimeDetails: Fallback to NAMED_USER_ONLINE!!"..SessionID=ba316382-33ec-4bf6-9d21-95727ea38c3a.1714109343515 Timestamp=2024-04-26T07:29:03:517+0200 ThreadID=4588 Component=ngl-lib_NglAppLib Description="SetConfig: OS Name=WINDOWS_64, OS Version=10.0.19045.1"..SessionID=ba316382-33ec-4bf6-9d21-95727ea38c3a.1714109343515 Timestamp=2024-04-26T07:29:03:517+0200 ThreadID=4588 Component=ngl-lib_NglAppLib Description="SetConf

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\acrobat_sbx\acroNGLLog.txt

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                                                                                                                                                                                                                                                        File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):29752
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.421975699611809
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:192:0cbgIhPcbocbAIlncb2cbwI/RcbNcbQIVvcbYcbQIJjcbN:fhWlA/TVKJc
                                                                                                                                                                                                                                                                                                                                        MD5:31230289163DDD6F2B72F8D0DE1D294E
                                                                                                                                                                                                                                                                                                                                        SHA1:1A15847566BBD4DFD57CF2C174E8E41ABB604889
                                                                                                                                                                                                                                                                                                                                        SHA-256:2FFEB4039D6BEBFEC07E8DC79A7799AD181AAD04F8BE44D1FCB34673911829B9
                                                                                                                                                                                                                                                                                                                                        SHA-512:EFA266A8A0ABEBAA7F23F36D3BDB3861730705553DB4B66D89429BAD0BA2C286D34041D53300A8DFA85F659FBC52BC50D778E2D5F1862D945DD2F1FDF762D8E8
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:06-10-2023 10:08:42:.---2---..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : ***************************************..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : ***************************************..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : ******** Starting new session ********..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : Starting NGL..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : Setting synchronous launch...06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 ::::: Configuring as AcrobatReader1..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : NGLAppVersion 23.6.20320.6..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : NGLAppMode NGL_INIT..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : AcroCEFPath, NGLCEFWorkflowModulePath - C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1 C:\Program Files\Adobe\Acrobat DC\Acrobat\NGL\cefWorkflow..06-10-2023 10:08:42:.AcroNGL Integ ADC-4240758 : isNGLExternalBrowserDisabled - No..06-10-2023 10:08:42:.Closing File..06-10-

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\mozilla-temp-files\mozilla-temp-41

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):32768
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.4593089050301797
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:48:9SP0nUgwyZXYI65yFRX2D3GNTTfyn0Mk1iA:9SDKaIjo3UzyE1L
                                                                                                                                                                                                                                                                                                                                        MD5:D910AD167F0217587501FDCDB33CC544
                                                                                                                                                                                                                                                                                                                                        SHA1:2F57441CEFDC781011B53C1C5D29AC54835AFC1D
                                                                                                                                                                                                                                                                                                                                        SHA-256:E3699D9404A3FFC1AFF0CA8A3972DC0EF38BDAB927741E9F627C7C55CEA42E81
                                                                                                                                                                                                                                                                                                                                        SHA-512:F1871BF28FF25EE52BDB99C7A80AB715C7CAC164DCD2FD87E681168EE927FD2C5E80E03C91BB638D955A4627213BF575FF4D9EECAEDA7718C128CF2CE8F7CB3D
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:... ftypisom....isomiso2avc1mp41....free....mdat..........E...H..,. .#..x264 - core 152 r2851 ba24899 - H.264/MPEG-4 AVC codec - Copyleft 2003-2017 - http://www.videolan.org/x264.html - options: cabac=1 ref=3 deblock=1:0:0 analyse=0x3:0x113 me=hex subme=7 psy=1 psy_rd=1.00:0.00 mixed_ref=1 me_range=16 chroma_me=1 trellis=1 8x8dct=1 cqm=0 deadzone=21,11 fast_pskip=1 chroma_qp_offset=-2 threads=4 lookahead_threads=1 sliced_threads=0 nr=0 decimate=1 interlaced=0 bluray_compat=0 constrained_intra=0 bframes=3 b_pyramid=2 b_adapt=1 b_bias=0 direct=1 weightb=1 open_gop=0 weightp=2 keyint=250 keyint_min=25 scenecut=40 intra_refresh=0 rc_lookahead=40 rc=crf mbtree=1 crf=23.0 qcomp=0.60 qpmin=0 qpmax=69 qpstep=4 ip_ratio=1.40 aq=1:1.00......e...+...s|.kG3...'.u.."...,J.w.~.d\..(K....!.+..;....h....(.T.*...M......0..~L..8..B..A.y..R..,.zBP.';j.@.].w..........c......C=.'f....gI.$^.......m5V.L...{U..%V[....8......B..i..^,....:...,..5.m.%dA....moov...lmvhd...................(...........

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\tmpaddon

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:Zip archive data, at least v2.0 to extract, compression method=deflate
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):453023
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):7.997718157581587
                                                                                                                                                                                                                                                                                                                                        Encrypted:true
                                                                                                                                                                                                                                                                                                                                        SSDEEP:12288:tESTeqTI2r4ZbCgUKWKNeRcPMb6qlV7hVZe3:tEsed2Xh9/bdzZe3
                                                                                                                                                                                                                                                                                                                                        MD5:85430BAED3398695717B0263807CF97C
                                                                                                                                                                                                                                                                                                                                        SHA1:FFFBEE923CEA216F50FCE5D54219A188A5100F41
                                                                                                                                                                                                                                                                                                                                        SHA-256:A9F4281F82B3579581C389E8583DC9F477C7FD0E20C9DFC91A2E611E21E3407E
                                                                                                                                                                                                                                                                                                                                        SHA-512:06511F1F6C6D44D076B3C593528C26A602348D9C41689DBF5FF716B671C3CA5756B12CB2E5869F836DEDCE27B1A5CFE79B93C707FD01F8E84B620923BB61B5F1
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:PK.........bN...R..........gmpopenh264.dll..|.E.0.=..I.....1....4f1q.`.........q.....'+....h*m{.z..o_.{w........$..($A!...|L...B&A2.s.{..Dd......c.U.U..9u.S...K.l`...../.d.-....|.....&....9......wn..x......i.#O.+.Y.l......+....,3.3f..\..c.SSS,............N...GG...F.'.&.:'.K.Z&.>.@.g..M...M.`...*.........ZR....^jg.G.Kb.o~va.....<Z..1.#.O.e.....D..X..i..$imBW..Q&.......P.....,M.,..:.c...-...\......*.....-i.K.I..4.a..6..*...Ov=...W..F.CH.>...a.'.x...#@f...d..u.1....OV.1o}....g.5.._.3.J.Hi.Z.ipM....b.Z....%.G..F................/..3.q..J.....o...%.g.N.*.}..).3.N%.!..q*........^I.m..~...6.#.~+.....A...I]r...x..*.<IYj....p0..`S.M@.E..f.=.;!.@.....E..E....... .0.n....Jd..d......uM.-.qI.lR..z..=}..r.D.XLZ....x.$..|c.1.cUkM.&.Qn]..a]t.h..*.!.6 7..Jd.DvKJ"Wgd*%n...w...Jni.inmr.@M.$'Z.s....#)%..Rs..:.h....R....\..t.6..'.g.........Uj+F.cr:|..!..K.W.Y...17......,....r.....>.N..3.R.Y.._\...Ir.DNJdM... .k...&V-....z.%...-...D..i..&...6....7.2T).>..0..%.&.

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\ExperimentStoreData.json (copy)

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):3621
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.928571202533075
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:48:YnSwkmrOIfPUFuOdwNIOdoWLEWLtkDB/u4x5FBvipA6kbSathfkLuhakNT9c5xeh:8S+OIfPUFuOdwNIOd8jvYR0uLgI8P
                                                                                                                                                                                                                                                                                                                                        MD5:469CFB3E65F596F8F8297C64D76D3435
                                                                                                                                                                                                                                                                                                                                        SHA1:E9000604A6A042CCA2183D87BE657B42D529B8BA
                                                                                                                                                                                                                                                                                                                                        SHA-256:E57BAFBE8884314927D392CE317745B69BF63B4DA4150B368E346DB314F1BBD2
                                                                                                                                                                                                                                                                                                                                        SHA-512:CED35101C725A814C8AFA12E6E591725A7947E7F815126F2EF0FB7BDD5B655C974CECE0E48DA1A20225A419511491FD509B84BAEC2162C06E89AD8DADAC59FC5
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:{"csv-import-release-rollout":{"slug":"csv-import-release-rollout","branch":{"slug":"enable-csv-import","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pre-95-support"},"features":[{"value":{"csvImport":true},"enabled":true,"featureId":"cm-csv-import"}]},"active":true,"enrollmentId":"9c4f630b-d3dc-4236-9fe2-a1415309e4e4","experimentType":"rollout","source":"rs-loader","userFacingName":"CSV Import (Release Rollout)","userFacingDescription":"This rollout enables users to import logins from a CSV file from the about:logins page.","lastSeen":"2023-10-06T09:08:30.452Z","featureIds":["cm-csv-import"],"prefs":[{"name":"signon.management.page.fileImport.enabled","branch":"default","featureId":"cm-csv-import","variable":"csvImport","originalValue":false}],"isRollout":true},"serp-ad-telemetry-rollout":{"slug":"serp-ad-telemetry-rollout","branch":{"slug":"control","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pr

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\ExperimentStoreData.json.tmp

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):3621
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.928571202533075
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:48:YnSwkmrOIfPUFuOdwNIOdoWLEWLtkDB/u4x5FBvipA6kbSathfkLuhakNT9c5xeh:8S+OIfPUFuOdwNIOd8jvYR0uLgI8P
                                                                                                                                                                                                                                                                                                                                        MD5:469CFB3E65F596F8F8297C64D76D3435
                                                                                                                                                                                                                                                                                                                                        SHA1:E9000604A6A042CCA2183D87BE657B42D529B8BA
                                                                                                                                                                                                                                                                                                                                        SHA-256:E57BAFBE8884314927D392CE317745B69BF63B4DA4150B368E346DB314F1BBD2
                                                                                                                                                                                                                                                                                                                                        SHA-512:CED35101C725A814C8AFA12E6E591725A7947E7F815126F2EF0FB7BDD5B655C974CECE0E48DA1A20225A419511491FD509B84BAEC2162C06E89AD8DADAC59FC5
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:{"csv-import-release-rollout":{"slug":"csv-import-release-rollout","branch":{"slug":"enable-csv-import","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pre-95-support"},"features":[{"value":{"csvImport":true},"enabled":true,"featureId":"cm-csv-import"}]},"active":true,"enrollmentId":"9c4f630b-d3dc-4236-9fe2-a1415309e4e4","experimentType":"rollout","source":"rs-loader","userFacingName":"CSV Import (Release Rollout)","userFacingDescription":"This rollout enables users to import logins from a CSV file from the about:logins page.","lastSeen":"2023-10-06T09:08:30.452Z","featureIds":["cm-csv-import"],"prefs":[{"name":"signon.management.page.fileImport.enabled","branch":"default","featureId":"cm-csv-import","variable":"csvImport","originalValue":false}],"isRollout":true},"serp-ad-telemetry-rollout":{"slug":"serp-ad-telemetry-rollout","branch":{"slug":"control","ratio":1,"feature":{"value":{},"enabled":false,"featureId":"this-is-included-for-desktop-pr

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\addonStartup.json.lz4 (copy)

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:Mozilla lz4 compressed data, originally 23432 bytes
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):5312
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.615424734763731
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:96:V2YbKsKNU2xWrp327tGmD4wBON6h6cHaJVJuZMd0JGkkrw2D:VTx2x2t0FDJ4NpwZMd0EJws
                                                                                                                                                                                                                                                                                                                                        MD5:1B9C8056D3619CE5A8C59B0C09873F17
                                                                                                                                                                                                                                                                                                                                        SHA1:1015C630E1937AA63F6AB31743782ECB5D78CCD8
                                                                                                                                                                                                                                                                                                                                        SHA-256:A6AE5DE0733FED050AB570AD9374FF4593D554F695B5AE4E2495871D171D34A3
                                                                                                                                                                                                                                                                                                                                        SHA-512:B1DC9CC675D5476C270A2D5B214D3DF2B3856576ED7EFE92D9A606C2D9D34E781018902AE75CE9C1E25007BB7F8D8F7B52997E6F05B845EF44BAF22F614FE899
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:mozLz40..[....{"app-system-defaults":{"addon....formautofill@mozilla.org&..Gdependencies":[],"enabled":true,"lastModifiedTime":1695865283000,"loader":null,"path":s.....xpi","recommendationStateA...rootURI":"jar:file:///C:/Program%20Files/M.......refox/browser/features/...... !/...unInSafeMode..wsignedD...telemetryKey..7%40R...:1.0.1","version":"..`},"pic..#in.....T.n..w...........S.......(.[......0....0"},"screenshots..T.r.....[.......(.V....-39.......},"webcompat-reporter...Ofals..&.z.....[.......(.]....=1.5.............<.)....p....d......1.z.!18...5.....startupData...pX.astentL..!er...webRequest%..onBefore...[[{"incognitoi.UtabId..!yp...."main_frame"],"url...."*://login.microsoftonline.com/*","..@us/*L.dwindows...},["blocking"]],...Iimag...https://smartT.".f.....etp/facebook.svg",...Aplay*....8`script...P.....-....-testbed.herokuapp\.`shims_..3.jsh.bexampl|.......Pexten{..Q../?..s...S.J/_2..@&_3U..s7.addthis . ic...officialK......-angularjs/current/dist(..t.min.js...track.adB...net/s

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\addonStartup.json.lz4.tmp

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:Mozilla lz4 compressed data, originally 23432 bytes
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):5312
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.615424734763731
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:96:V2YbKsKNU2xWrp327tGmD4wBON6h6cHaJVJuZMd0JGkkrw2D:VTx2x2t0FDJ4NpwZMd0EJws
                                                                                                                                                                                                                                                                                                                                        MD5:1B9C8056D3619CE5A8C59B0C09873F17
                                                                                                                                                                                                                                                                                                                                        SHA1:1015C630E1937AA63F6AB31743782ECB5D78CCD8
                                                                                                                                                                                                                                                                                                                                        SHA-256:A6AE5DE0733FED050AB570AD9374FF4593D554F695B5AE4E2495871D171D34A3
                                                                                                                                                                                                                                                                                                                                        SHA-512:B1DC9CC675D5476C270A2D5B214D3DF2B3856576ED7EFE92D9A606C2D9D34E781018902AE75CE9C1E25007BB7F8D8F7B52997E6F05B845EF44BAF22F614FE899
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:mozLz40..[....{"app-system-defaults":{"addon....formautofill@mozilla.org&..Gdependencies":[],"enabled":true,"lastModifiedTime":1695865283000,"loader":null,"path":s.....xpi","recommendationStateA...rootURI":"jar:file:///C:/Program%20Files/M.......refox/browser/features/...... !/...unInSafeMode..wsignedD...telemetryKey..7%40R...:1.0.1","version":"..`},"pic..#in.....T.n..w...........S.......(.[......0....0"},"screenshots..T.r.....[.......(.V....-39.......},"webcompat-reporter...Ofals..&.z.....[.......(.]....=1.5.............<.)....p....d......1.z.!18...5.....startupData...pX.astentL..!er...webRequest%..onBefore...[[{"incognitoi.UtabId..!yp...."main_frame"],"url...."*://login.microsoftonline.com/*","..@us/*L.dwindows...},["blocking"]],...Iimag...https://smartT.".f.....etp/facebook.svg",...Aplay*....8`script...P.....-....-testbed.herokuapp\.`shims_..3.jsh.bexampl|.......Pexten{..Q../?..s...S.J/_2..@&_3U..s7.addthis . ic...officialK......-angularjs/current/dist(..t.min.js...track.adB...net/s

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\addons.json (copy)

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):24
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):3.91829583405449
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:3:YWGifTJE6iHQ:YWGif9EE
                                                                                                                                                                                                                                                                                                                                        MD5:3088F0272D29FAA42ED452C5E8120B08
                                                                                                                                                                                                                                                                                                                                        SHA1:C72AA542EF60AFA3DF5DFE1F9FCC06C0B135BE23
                                                                                                                                                                                                                                                                                                                                        SHA-256:D587CEC944023447DC91BC5F71E2291711BA5ADD337464837909A26F34BC5A06
                                                                                                                                                                                                                                                                                                                                        SHA-512:B662414EDD6DEF8589304904263584847586ECCA0B0E6296FB3ADB2192D92FB48697C99BD27C4375D192150E3F99102702AF2391117FFF50A9763C74C193D798
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:{"schema":6,"addons":[]}

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\addons.json.tmp

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):24
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):3.91829583405449
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:3:YWGifTJE6iHQ:YWGif9EE
                                                                                                                                                                                                                                                                                                                                        MD5:3088F0272D29FAA42ED452C5E8120B08
                                                                                                                                                                                                                                                                                                                                        SHA1:C72AA542EF60AFA3DF5DFE1F9FCC06C0B135BE23
                                                                                                                                                                                                                                                                                                                                        SHA-256:D587CEC944023447DC91BC5F71E2291711BA5ADD337464837909A26F34BC5A06
                                                                                                                                                                                                                                                                                                                                        SHA-512:B662414EDD6DEF8589304904263584847586ECCA0B0E6296FB3ADB2192D92FB48697C99BD27C4375D192150E3F99102702AF2391117FFF50A9763C74C193D798
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:{"schema":6,"addons":[]}

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\content-prefs.sqlite

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:SQLite 3.x database, user version 5, last written using SQLite version 3042000, page size 32768, file counter 4, database pages 8, cookie 0x6, schema 4, largest root page 8, UTF-8, vacuum mode 1, version-valid-for 4
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):262144
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.04905141882491872
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:24:DLSvwae+Q8Uu50xj0aWe9LxYkKA25Q5tvAA:DKwae+QtMImelekKDa5
                                                                                                                                                                                                                                                                                                                                        MD5:8736A542C5564A922C47B19D9CC5E0F2
                                                                                                                                                                                                                                                                                                                                        SHA1:CE9D58967DA9B5356D6C1D8A482F9CE74DA9097A
                                                                                                                                                                                                                                                                                                                                        SHA-256:97CE5D8AFBB0AA610219C4FAC3927E32C91BFFD9FD971AF68C718E7B27E40077
                                                                                                                                                                                                                                                                                                                                        SHA-512:99777325893DC7A95FD49B2DA18D32D65F97CC7A8E482D78EDC32F63245457FA5A52750800C074D552D20B6A215604161FDC88763D93C76A8703470C3064196B
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:SQLite format 3......@ ..........................................................................j......|....~.}.}z}-|.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\crashes\store.json.mozlz4 (copy)

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:Mozilla lz4 compressed data, originally 56 bytes
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):66
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.837595020998689
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:3:3fX/xH8IXl/I3v0lb7iioW:vXpH1RPXt
                                                                                                                                                                                                                                                                                                                                        MD5:A6338865EB252D0EF8FCF11FA9AF3F0D
                                                                                                                                                                                                                                                                                                                                        SHA1:CECDD4C4DCAE10C2FFC8EB938121B6231DE48CD3
                                                                                                                                                                                                                                                                                                                                        SHA-256:078648C042B9B08483CE246B7F01371072541A2E90D1BEB0C8009A6118CBD965
                                                                                                                                                                                                                                                                                                                                        SHA-512:D950227AC83F4E8246D73F9F35C19E88CE65D0CA5F1EF8CCBB02ED6EFC66B1B7E683E2BA0200279D7CA4B49831FD8C3CEB0584265B10ACCFF2611EC1CA8C0C6C
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:mozLz40.8.....{"v":1,"crashes":{},"countsByDay....rruptDate":null}

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\crashes\store.json.mozlz4.tmp

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:Mozilla lz4 compressed data, originally 56 bytes
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):66
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.837595020998689
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:3:3fX/xH8IXl/I3v0lb7iioW:vXpH1RPXt
                                                                                                                                                                                                                                                                                                                                        MD5:A6338865EB252D0EF8FCF11FA9AF3F0D
                                                                                                                                                                                                                                                                                                                                        SHA1:CECDD4C4DCAE10C2FFC8EB938121B6231DE48CD3
                                                                                                                                                                                                                                                                                                                                        SHA-256:078648C042B9B08483CE246B7F01371072541A2E90D1BEB0C8009A6118CBD965
                                                                                                                                                                                                                                                                                                                                        SHA-512:D950227AC83F4E8246D73F9F35C19E88CE65D0CA5F1EF8CCBB02ED6EFC66B1B7E683E2BA0200279D7CA4B49831FD8C3CEB0584265B10ACCFF2611EC1CA8C0C6C
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:mozLz40.8.....{"v":1,"crashes":{},"countsByDay....rruptDate":null}

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\extensions.json (copy)

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):36830
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.187080624303907
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:768:9I4ivfiXD4R6C444ylW47s48yilvs4/4ji4P4a4Bd4U:9i1AyQvP
                                                                                                                                                                                                                                                                                                                                        MD5:5774E6BEEB8C63A660A4C37E130F7D30
                                                                                                                                                                                                                                                                                                                                        SHA1:B3F7B89A4A143BA839593F6368822C5E7C0FE20D
                                                                                                                                                                                                                                                                                                                                        SHA-256:E2C331AEE64E1D381A7D9E579E7EB7236AFDE83239780D18945DE3152602E610
                                                                                                                                                                                                                                                                                                                                        SHA-512:2F16D11971091141224DFF45721E96E5617CCA12E6EC5AC037770D35251CEC28D8758929474424F01B2BBD6236EDBCE82CD2E20FECE3A95E5C0173E345979E47
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:{"schemaVersion":35,"addons":[{"id":"formautofill@mozilla.org","syncGUID":"{45005050-3e88-41ad-8766-e52c88f37369}","version":"1.0.1","type":"extension","loader":null,"updateURL":null,"installOrigins":null,"manifestVersion":2,"optionsURL":null,"optionsType":null,"optionsBrowserStyle":true,"aboutURL":null,"defaultLocale":{"name":"Form Autofill","creator":null,"developers":null,"translators":null,"contributors":null},"visible":true,"active":true,"userDisabled":false,"appDisabled":false,"embedderDisabled":false,"installDate":1695865283000,"updateDate":1695865283000,"applyBackgroundUpdates":1,"path":"C:\\Program Files\\Mozilla Firefox\\browser\\features\\formautofill@mozilla.org.xpi","skinnable":false,"sourceURI":null,"releaseNotesURI":null,"softDisabled":false,"foreignInstall":false,"strictCompatibility":true,"locales":[],"targetApplications":[{"id":"toolkit@mozilla.org","minVersion":null,"maxVersion":null}],"targetPlatforms":[],"signedDate":null,"seen":true,"dependencies":[],"incognito":"

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\extensions.json.tmp

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):36830
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.187080624303907
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:768:9I4ivfiXD4R6C444ylW47s48yilvs4/4ji4P4a4Bd4U:9i1AyQvP
                                                                                                                                                                                                                                                                                                                                        MD5:5774E6BEEB8C63A660A4C37E130F7D30
                                                                                                                                                                                                                                                                                                                                        SHA1:B3F7B89A4A143BA839593F6368822C5E7C0FE20D
                                                                                                                                                                                                                                                                                                                                        SHA-256:E2C331AEE64E1D381A7D9E579E7EB7236AFDE83239780D18945DE3152602E610
                                                                                                                                                                                                                                                                                                                                        SHA-512:2F16D11971091141224DFF45721E96E5617CCA12E6EC5AC037770D35251CEC28D8758929474424F01B2BBD6236EDBCE82CD2E20FECE3A95E5C0173E345979E47
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:{"schemaVersion":35,"addons":[{"id":"formautofill@mozilla.org","syncGUID":"{45005050-3e88-41ad-8766-e52c88f37369}","version":"1.0.1","type":"extension","loader":null,"updateURL":null,"installOrigins":null,"manifestVersion":2,"optionsURL":null,"optionsType":null,"optionsBrowserStyle":true,"aboutURL":null,"defaultLocale":{"name":"Form Autofill","creator":null,"developers":null,"translators":null,"contributors":null},"visible":true,"active":true,"userDisabled":false,"appDisabled":false,"embedderDisabled":false,"installDate":1695865283000,"updateDate":1695865283000,"applyBackgroundUpdates":1,"path":"C:\\Program Files\\Mozilla Firefox\\browser\\features\\formautofill@mozilla.org.xpi","skinnable":false,"sourceURI":null,"releaseNotesURI":null,"softDisabled":false,"foreignInstall":false,"strictCompatibility":true,"locales":[],"targetApplications":[{"id":"toolkit@mozilla.org","minVersion":null,"maxVersion":null}],"targetPlatforms":[],"signedDate":null,"seen":true,"dependencies":[],"incognito":"

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\favicons.sqlite-shm

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):32768
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.017262956703125623
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
                                                                                                                                                                                                                                                                                                                                        MD5:B7C14EC6110FA820CA6B65F5AEC85911
                                                                                                                                                                                                                                                                                                                                        SHA1:608EEB7488042453C9CA40F7E1398FC1A270F3F4
                                                                                                                                                                                                                                                                                                                                        SHA-256:FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
                                                                                                                                                                                                                                                                                                                                        SHA-512:D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll (copy)

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):1021904
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.648417932394748
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:12288:vYLdTfFKbNSjv92eFN+3wH+NYriA0Iq6lh6VawYIpAvwHN/Uf1h47HAfg1oet:vYLdTZ923NYrjwNpgwef1hzfg1x
                                                                                                                                                                                                                                                                                                                                        MD5:FE3355639648C417E8307C6D051E3E37
                                                                                                                                                                                                                                                                                                                                        SHA1:F54602D4B4778DA21BC97C7238FC66AA68C8EE34
                                                                                                                                                                                                                                                                                                                                        SHA-256:1ED7877024BE63A049DA98733FD282C16BD620530A4FB580DACEC3A78ACE914E
                                                                                                                                                                                                                                                                                                                                        SHA-512:8F4030BB2464B98ECCBEA6F06EB186D7216932702D94F6B84C56419E9CF65A18309711AB342D1513BF85AED402BC3535A70DB4395874828F0D35C278DD2EAC9C
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                        • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                                                                                                                                        Joe Sandbox View:
                                                                                                                                                                                                                                                                                                                                        • Filename: , Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                        • Filename: Cheater Pro 1.6.0.msi, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                        • Filename: Cheat Lab 2.7.2.msi, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                        • Filename: Evernote.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                        • Filename: , Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                        • Filename: vm.dll, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                        • Filename: W2_AND_1095_PDF.jar, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                        • Filename: UpdaterTag.dll, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                        • Filename: YmXa44bW67.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                        • Filename: YmXa44bW67.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......NH...)...)...)..eM...)..eM...)..eM..)..eM...)...)..i)..XA...)..XA..;)..XA...)...)..g)..cA...)..cA...)..Rich.)..........PE..d....z\.........." .....t................................................................`.........................................P...,...|...(............P...H...z.................T...........................0...................p............................text...$s.......t.................. ..`.rdata...~...........x..............@..@.data....3..........................@....pdata...H...P...J..................@..@.rodata..............^..............@..@.reloc...............j..............@..B........................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll.tmp

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):1021904
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.648417932394748
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:12288:vYLdTfFKbNSjv92eFN+3wH+NYriA0Iq6lh6VawYIpAvwHN/Uf1h47HAfg1oet:vYLdTZ923NYrjwNpgwef1hzfg1x
                                                                                                                                                                                                                                                                                                                                        MD5:FE3355639648C417E8307C6D051E3E37
                                                                                                                                                                                                                                                                                                                                        SHA1:F54602D4B4778DA21BC97C7238FC66AA68C8EE34
                                                                                                                                                                                                                                                                                                                                        SHA-256:1ED7877024BE63A049DA98733FD282C16BD620530A4FB580DACEC3A78ACE914E
                                                                                                                                                                                                                                                                                                                                        SHA-512:8F4030BB2464B98ECCBEA6F06EB186D7216932702D94F6B84C56419E9CF65A18309711AB342D1513BF85AED402BC3535A70DB4395874828F0D35C278DD2EAC9C
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                        • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                                                                                                                                        Joe Sandbox View:
                                                                                                                                                                                                                                                                                                                                        • Filename: , Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                        • Filename: Cheater Pro 1.6.0.msi, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                        • Filename: Cheat Lab 2.7.2.msi, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                        • Filename: Evernote.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                        • Filename: , Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                        • Filename: vm.dll, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                        • Filename: W2_AND_1095_PDF.jar, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                        • Filename: UpdaterTag.dll, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                        • Filename: YmXa44bW67.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                        • Filename: YmXa44bW67.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......NH...)...)...)..eM...)..eM...)..eM..)..eM...)...)..i)..XA...)..XA..;)..XA...)...)..g)..cA...)..cA...)..Rich.)..........PE..d....z\.........." .....t................................................................`.........................................P...,...|...(............P...H...z.................T...........................0...................p............................text...$s.......t.................. ..`.rdata...~...........x..............@..@.data....3..........................@....pdata...H...P...J..................@..@.rodata..............^..............@..@.reloc...............j..............@..B........................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info (copy)

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):116
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.968220104601006
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:3:C3OuN9RAM7VDXcEzq+rEakOvTMBv+FdBAIABv+FEn:0BDUmHlvAWeWEn
                                                                                                                                                                                                                                                                                                                                        MD5:3D33CDC0B3D281E67DD52E14435DD04F
                                                                                                                                                                                                                                                                                                                                        SHA1:4DB88689282FD4F9E9E6AB95FCBB23DF6E6485DB
                                                                                                                                                                                                                                                                                                                                        SHA-256:F526E9F98841D987606EFEAFF7F3E017BA9FD516C4BE83890C7F9A093EA4C47B
                                                                                                                                                                                                                                                                                                                                        SHA-512:A4A96743332CC8EF0F86BC2E6122618BFC75ED46781DADBAC9E580CD73DF89E74738638A2CCCB4CAA4CBBF393D771D7F2C73F825737CDB247362450A0D4A4BC1
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:Name: gmpopenh264.Description: GMP Plugin for OpenH264..Version: 1.8.1.APIs: encode-video[h264], decode-video[h264].

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info.tmp

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):116
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.968220104601006
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:3:C3OuN9RAM7VDXcEzq+rEakOvTMBv+FdBAIABv+FEn:0BDUmHlvAWeWEn
                                                                                                                                                                                                                                                                                                                                        MD5:3D33CDC0B3D281E67DD52E14435DD04F
                                                                                                                                                                                                                                                                                                                                        SHA1:4DB88689282FD4F9E9E6AB95FCBB23DF6E6485DB
                                                                                                                                                                                                                                                                                                                                        SHA-256:F526E9F98841D987606EFEAFF7F3E017BA9FD516C4BE83890C7F9A093EA4C47B
                                                                                                                                                                                                                                                                                                                                        SHA-512:A4A96743332CC8EF0F86BC2E6122618BFC75ED46781DADBAC9E580CD73DF89E74738638A2CCCB4CAA4CBBF393D771D7F2C73F825737CDB247362450A0D4A4BC1
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:Name: gmpopenh264.Description: GMP Plugin for OpenH264..Version: 1.8.1.APIs: encode-video[h264], decode-video[h264].

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\places.sqlite-shm

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):32768
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.05663998597949932
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:6:G4lTJeWExlTJeWETl9XIpFl/Ocl/nl/Rl/D86E8M:lTgfTgHHOl/hvl/Rl/vE8M
                                                                                                                                                                                                                                                                                                                                        MD5:A58210E6F76937A6212D6717C6A8F01E
                                                                                                                                                                                                                                                                                                                                        SHA1:FB35716299556200795C1C57563AD8CAF762C6AC
                                                                                                                                                                                                                                                                                                                                        SHA-256:F0086E49E61B8521C75539808D9E7ECDB8F0C34609C59F55300779B95ED27079
                                                                                                                                                                                                                                                                                                                                        SHA-512:75E84CBB0BDB2FB0AA11CE5BC0602238D2FE992848AF9EAA22BCB0DAB67A915A650B513E6F23155CA63234A86DE1049807FE24AB052315ACE470FA4FA015530F
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:..-.....................L..?..+*...U..!..A.|....-.....................L..?..+*...U..!..A.|..........................................................................................................!..."...#...$...!..."...#...$...................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\places.sqlite-wal

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):787040
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.06596458137592821
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:96:aJPjIKNiYognveM+TzJUo61li3+Fz+eWtd/Q:aJbIKNiYogWMeSs3+Fylo
                                                                                                                                                                                                                                                                                                                                        MD5:02BCAA01899841F411833B3A5192BCD4
                                                                                                                                                                                                                                                                                                                                        SHA1:5875A0209CA0D4D404DC6F16CF0DD69FC018B99D
                                                                                                                                                                                                                                                                                                                                        SHA-256:5DEACF06A0832A2E0CBA52C16B91F280D64407816A3DD6075695678FDD69EF26
                                                                                                                                                                                                                                                                                                                                        SHA-512:28DF5CB55738CCB8DE3361A734818F880F040CB0E2180A329B2D79F84CED046B4B54DF4BBAB095C85D0D47302A4073EF83403CB3FACA015CEBD142D5F12B0746
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:7....-.............U..hZ...].K...........U...p..3>;.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\prefs-1.js

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (1717), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):13212
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.482860338379561
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:192:HnOCRvo1YYbBp6zDLZwxhaXq6+h+hLNgr5RuFNBw8dlSl:deUFwxAvXeEwS0
                                                                                                                                                                                                                                                                                                                                        MD5:01ACDFCD1DBAE845F0F6A6FC6CF037E8
                                                                                                                                                                                                                                                                                                                                        SHA1:B211273650DFB0904BC0001427A346270B031AD2
                                                                                                                                                                                                                                                                                                                                        SHA-256:2E2387EBC709803DF5B6721D98012E958C1FC0A32ECCD574E29EB35F02F5F3FF
                                                                                                                                                                                                                                                                                                                                        SHA-512:C1593395141C6FECF4306A81CA04223FC550EBFE9B9B3DF28BFF1FC829DC87018A2143E63AC03A26A810AF0862AD0E3E80FB8BD01974144D6A73BB3DF786797B
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "0dbf219f-4e18-464a-957c-ae336603cdcc");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.backgroundErrors", 2);..user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1714115457);..user_pref("app.update.lastUpdateTime.background-update-timer", 1714115457);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1714115457);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 171411

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\prefs.js (copy)

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (1717), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):13212
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.482860338379561
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:192:HnOCRvo1YYbBp6zDLZwxhaXq6+h+hLNgr5RuFNBw8dlSl:deUFwxAvXeEwS0
                                                                                                                                                                                                                                                                                                                                        MD5:01ACDFCD1DBAE845F0F6A6FC6CF037E8
                                                                                                                                                                                                                                                                                                                                        SHA1:B211273650DFB0904BC0001427A346270B031AD2
                                                                                                                                                                                                                                                                                                                                        SHA-256:2E2387EBC709803DF5B6721D98012E958C1FC0A32ECCD574E29EB35F02F5F3FF
                                                                                                                                                                                                                                                                                                                                        SHA-512:C1593395141C6FECF4306A81CA04223FC550EBFE9B9B3DF28BFF1FC829DC87018A2143E63AC03A26A810AF0862AD0E3E80FB8BD01974144D6A73BB3DF786797B
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "0dbf219f-4e18-464a-957c-ae336603cdcc");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.backgroundErrors", 2);..user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1714115457);..user_pref("app.update.lastUpdateTime.background-update-timer", 1714115457);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1714115457);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 171411

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\protections.sqlite

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:SQLite 3.x database, user version 1, last written using SQLite version 3042000, page size 32768, file counter 4, database pages 2, cookie 0x1, schema 4, UTF-8, version-valid-for 4
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):65536
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.04062825861060003
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:3:lSGBl/l/zl9l/AltllPltlnKollzvulJOlzALRWemFxu7TuRjBFbrl58lcV+wgn8:ltBl/lqN1K4BEJYqWvLue3FMOrMZ0l
                                                                                                                                                                                                                                                                                                                                        MD5:60C09456D6362C6FBED48C69AA342C3C
                                                                                                                                                                                                                                                                                                                                        SHA1:58B6E22DAA48C75958B429F662DEC1C011AE74D3
                                                                                                                                                                                                                                                                                                                                        SHA-256:FE1A432A2CD096B7EEA870D46D07F5197E34B4D10666E6E1C357FAA3F2FE2389
                                                                                                                                                                                                                                                                                                                                        SHA-512:936DBC887276EF07732783B50EAFE450A8598B0492B8F6C838B337EF3E8A6EA595E7C7A2FA4B3E881887FAAE2D207B953A4C65ED8C964D93118E00D3E03882BD
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:SQLite format 3......@ ..........................................................................j.......x..x..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\sessionCheckpoints.json (copy)

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):90
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.194538242412464
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:3:YVXKQJAyiVLQwJtJDBA+AJ2LKZXJ3YFwHY:Y9KQOy6Lb1BA+m2L69Yr
                                                                                                                                                                                                                                                                                                                                        MD5:C4AB2EE59CA41B6D6A6EA911F35BDC00
                                                                                                                                                                                                                                                                                                                                        SHA1:5942CD6505FC8A9DABA403B082067E1CDEFDFBC4
                                                                                                                                                                                                                                                                                                                                        SHA-256:00AD9799527C3FD21F3A85012565EAE817490F3E0D417413BF9567BB5909F6A2
                                                                                                                                                                                                                                                                                                                                        SHA-512:71EA16900479E6AF161E0AAD08C8D1E9DED5868A8D848E7647272F3002E2F2013E16382B677ABE3C6F17792A26293B9E27EC78E16F00BD24BA3D21072BD1CAE2
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:{"profile-after-change":true,"final-ui-startup":true,"sessionstore-windows-restored":true}

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\sessionCheckpoints.json.tmp

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):90
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.194538242412464
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:3:YVXKQJAyiVLQwJtJDBA+AJ2LKZXJ3YFwHY:Y9KQOy6Lb1BA+m2L69Yr
                                                                                                                                                                                                                                                                                                                                        MD5:C4AB2EE59CA41B6D6A6EA911F35BDC00
                                                                                                                                                                                                                                                                                                                                        SHA1:5942CD6505FC8A9DABA403B082067E1CDEFDFBC4
                                                                                                                                                                                                                                                                                                                                        SHA-256:00AD9799527C3FD21F3A85012565EAE817490F3E0D417413BF9567BB5909F6A2
                                                                                                                                                                                                                                                                                                                                        SHA-512:71EA16900479E6AF161E0AAD08C8D1E9DED5868A8D848E7647272F3002E2F2013E16382B677ABE3C6F17792A26293B9E27EC78E16F00BD24BA3D21072BD1CAE2
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:{"profile-after-change":true,"final-ui-startup":true,"sessionstore-windows-restored":true}

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\sessionstore-backups\recovery.baklz4 (copy)

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:Mozilla lz4 compressed data, originally 6069 bytes
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):1613
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.293443866118921
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:24:vsSUGiMXkQGWAIuNYXnsUXLDC+cKT5sNIlWGULFkJVfDHOxHdwmKnhZ3qqvwkFDb:kpdHQGWEOsUX6YkpxWRoDKXRDFYA5
                                                                                                                                                                                                                                                                                                                                        MD5:A91AAA47D6C4C321BF501D8B29166E96
                                                                                                                                                                                                                                                                                                                                        SHA1:77E487197066FABDADBB4E79375139E6E4231F68
                                                                                                                                                                                                                                                                                                                                        SHA-256:45FCE8465DFB91B39E9E289F9905457328F5E945FBA661C9846BF473A053A8D0
                                                                                                                                                                                                                                                                                                                                        SHA-512:A640D69B4F64B6FE62C569DD0E6095E013BEF55DE6A03DB9849523E37071FD65FC9DE71C6E1CA57864C0D80D5932C246017E01A396624F7A518129450178A174
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:mozLz40.......{"version":["ses....restore",1],"windows":[{"tab..bentrie....url":"file:///C:/Users/user/AppData/Local/Temp...01_MDE_File_Sample_a8068703372ae00821df45d3d1e83528d5b75530.zip/-...","title.....cacheKey":0,"ID":7,"docshellUU...6"{8ba431d3-ed5b-4638-b662-8ebdef0d02a3}","resultPrincipalURI":null,"p....ToInherit_base64_.c\"0\":..`\"moz-6..4...:{4d0b1fb6-162b-4705-8c6c-ab6986ac404c}\"}..0has...InteractX...false,"triggering......3...E..6docIdentifier":8,"persist":true}],"lastAccessed":1714115469986,"hiddey..searchMode...userContextId|..attribut...{},"index":1W..questedI..s0,"imagL....aselect...,"_closedT*.@],"_...C....GroupCount":-1,"busy....chromeFlags":2167541758....dth":1164,"height":891,"screenX":4...Y..Aizem..."maximized"...BeforeMin...&..workspace....544a81f3-86cf-4601-b565-c8cb2ca3983a","z ..1...W=..H........:..:..p.1":{..jUpdate...7,"startTim..A2366...centCrash...0},"global..Dcook.. ho?..."addons.mozilla.org","valu%. 7cu..*9745a185df1b235fd3ecf9e918cb7cd2b41b705581b7355f5

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\sessionstore-backups\recovery.jsonlz4 (copy)

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:Mozilla lz4 compressed data, originally 6069 bytes
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):1613
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.293443866118921
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:24:vsSUGiMXkQGWAIuNYXnsUXLDC+cKT5sNIlWGULFkJVfDHOxHdwmKnhZ3qqvwkFDb:kpdHQGWEOsUX6YkpxWRoDKXRDFYA5
                                                                                                                                                                                                                                                                                                                                        MD5:A91AAA47D6C4C321BF501D8B29166E96
                                                                                                                                                                                                                                                                                                                                        SHA1:77E487197066FABDADBB4E79375139E6E4231F68
                                                                                                                                                                                                                                                                                                                                        SHA-256:45FCE8465DFB91B39E9E289F9905457328F5E945FBA661C9846BF473A053A8D0
                                                                                                                                                                                                                                                                                                                                        SHA-512:A640D69B4F64B6FE62C569DD0E6095E013BEF55DE6A03DB9849523E37071FD65FC9DE71C6E1CA57864C0D80D5932C246017E01A396624F7A518129450178A174
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:mozLz40.......{"version":["ses....restore",1],"windows":[{"tab..bentrie....url":"file:///C:/Users/user/AppData/Local/Temp...01_MDE_File_Sample_a8068703372ae00821df45d3d1e83528d5b75530.zip/-...","title.....cacheKey":0,"ID":7,"docshellUU...6"{8ba431d3-ed5b-4638-b662-8ebdef0d02a3}","resultPrincipalURI":null,"p....ToInherit_base64_.c\"0\":..`\"moz-6..4...:{4d0b1fb6-162b-4705-8c6c-ab6986ac404c}\"}..0has...InteractX...false,"triggering......3...E..6docIdentifier":8,"persist":true}],"lastAccessed":1714115469986,"hiddey..searchMode...userContextId|..attribut...{},"index":1W..questedI..s0,"imagL....aselect...,"_closedT*.@],"_...C....GroupCount":-1,"busy....chromeFlags":2167541758....dth":1164,"height":891,"screenX":4...Y..Aizem..."maximized"...BeforeMin...&..workspace....544a81f3-86cf-4601-b565-c8cb2ca3983a","z ..1...W=..H........:..:..p.1":{..jUpdate...7,"startTim..A2366...centCrash...0},"global..Dcook.. ho?..."addons.mozilla.org","valu%. 7cu..*9745a185df1b235fd3ecf9e918cb7cd2b41b705581b7355f5

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\sessionstore-backups\recovery.jsonlz4.tmp

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:Mozilla lz4 compressed data, originally 6069 bytes
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):1613
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.293443866118921
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:24:vsSUGiMXkQGWAIuNYXnsUXLDC+cKT5sNIlWGULFkJVfDHOxHdwmKnhZ3qqvwkFDb:kpdHQGWEOsUX6YkpxWRoDKXRDFYA5
                                                                                                                                                                                                                                                                                                                                        MD5:A91AAA47D6C4C321BF501D8B29166E96
                                                                                                                                                                                                                                                                                                                                        SHA1:77E487197066FABDADBB4E79375139E6E4231F68
                                                                                                                                                                                                                                                                                                                                        SHA-256:45FCE8465DFB91B39E9E289F9905457328F5E945FBA661C9846BF473A053A8D0
                                                                                                                                                                                                                                                                                                                                        SHA-512:A640D69B4F64B6FE62C569DD0E6095E013BEF55DE6A03DB9849523E37071FD65FC9DE71C6E1CA57864C0D80D5932C246017E01A396624F7A518129450178A174
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:mozLz40.......{"version":["ses....restore",1],"windows":[{"tab..bentrie....url":"file:///C:/Users/user/AppData/Local/Temp...01_MDE_File_Sample_a8068703372ae00821df45d3d1e83528d5b75530.zip/-...","title.....cacheKey":0,"ID":7,"docshellUU...6"{8ba431d3-ed5b-4638-b662-8ebdef0d02a3}","resultPrincipalURI":null,"p....ToInherit_base64_.c\"0\":..`\"moz-6..4...:{4d0b1fb6-162b-4705-8c6c-ab6986ac404c}\"}..0has...InteractX...false,"triggering......3...E..6docIdentifier":8,"persist":true}],"lastAccessed":1714115469986,"hiddey..searchMode...userContextId|..attribut...{},"index":1W..questedI..s0,"imagL....aselect...,"_closedT*.@],"_...C....GroupCount":-1,"busy....chromeFlags":2167541758....dth":1164,"height":891,"screenX":4...Y..Aizem..."maximized"...BeforeMin...&..workspace....544a81f3-86cf-4601-b565-c8cb2ca3983a","z ..1...W=..H........:..:..p.1":{..jUpdate...7,"startTim..A2366...centCrash...0},"global..Dcook.. ho?..."addons.mozilla.org","valu%. 7cu..*9745a185df1b235fd3ecf9e918cb7cd2b41b705581b7355f5

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\targeting.snapshot.json (copy)

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):4537
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.03349543877081
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:48:YrSAYmjpUQZpExB1+anOdWtVheTV2hWUzzc89YMsku7f86SLAVL7Kl5FtsfAcbyk:ycmjdTEr59kUzzctvbw6KkqRrc2Rn27
                                                                                                                                                                                                                                                                                                                                        MD5:E9BBE4AC6AEB170F554AEBE130823B2C
                                                                                                                                                                                                                                                                                                                                        SHA1:9D7421DCB0021B96DAA860A632FBAB88A15A548C
                                                                                                                                                                                                                                                                                                                                        SHA-256:65B1295A49DCD6F9BC035AC20CCF0484736CC4C365D7C731ECE5FC3EB28129F9
                                                                                                                                                                                                                                                                                                                                        SHA-512:4F36F65F11747A7416EF4C89FF66D7FC1A04D6097A51CFC18D94B59A2D0F458F832B306C89F297D6F802B80F4BA6F2E385D3DC73DF35371DDFB7775F960D86A7
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:{"environment":{"locale":"en-US","localeLanguageCode":"en","browserSettings":{"update":{"channel":"release","enabled":true,"autoDownload":true,"background":true}},"attributionData":{"campaign":"%2528not%2Bset%2529","content":"%2528not%2Bset%2529","dlsource":"mozorg","dltoken":"cd09ae95-e2cf-4b8b-8929-791b0dd48cdd","experiment":"%2528not%2Bset%2529","medium":"referral","source":"www.google.com","ua":"chrome","variation":"%2528not%2Bset%2529"},"currentDate":"2024-04-26T07:10:45.873Z","profileAgeCreated":1696583300378,"usesFirefoxSync":false,"isFxAEnabled":true,"isFxASignedIn":false,"sync":{"desktopDevices":0,"mobileDevices":0,"totalDevices":0},"xpinstallEnabled":true,"addonsInfo":{"addons":{"formautofill@mozilla.org":{"version":"1.0.1","type":"extension","isSystem":true,"isWebExtension":true,"name":"Form Autofill","userDisabled":false,"installDate":"2023-09-28T01:41:23.000Z"},"pictureinpicture@mozilla.org":{"version":"1.0.0","type":"extension","isSystem":true,"isWebExtension":true,"name"

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\targeting.snapshot.json.tmp

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):4537
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.03349543877081
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:48:YrSAYmjpUQZpExB1+anOdWtVheTV2hWUzzc89YMsku7f86SLAVL7Kl5FtsfAcbyk:ycmjdTEr59kUzzctvbw6KkqRrc2Rn27
                                                                                                                                                                                                                                                                                                                                        MD5:E9BBE4AC6AEB170F554AEBE130823B2C
                                                                                                                                                                                                                                                                                                                                        SHA1:9D7421DCB0021B96DAA860A632FBAB88A15A548C
                                                                                                                                                                                                                                                                                                                                        SHA-256:65B1295A49DCD6F9BC035AC20CCF0484736CC4C365D7C731ECE5FC3EB28129F9
                                                                                                                                                                                                                                                                                                                                        SHA-512:4F36F65F11747A7416EF4C89FF66D7FC1A04D6097A51CFC18D94B59A2D0F458F832B306C89F297D6F802B80F4BA6F2E385D3DC73DF35371DDFB7775F960D86A7
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:{"environment":{"locale":"en-US","localeLanguageCode":"en","browserSettings":{"update":{"channel":"release","enabled":true,"autoDownload":true,"background":true}},"attributionData":{"campaign":"%2528not%2Bset%2529","content":"%2528not%2Bset%2529","dlsource":"mozorg","dltoken":"cd09ae95-e2cf-4b8b-8929-791b0dd48cdd","experiment":"%2528not%2Bset%2529","medium":"referral","source":"www.google.com","ua":"chrome","variation":"%2528not%2Bset%2529"},"currentDate":"2024-04-26T07:10:45.873Z","profileAgeCreated":1696583300378,"usesFirefoxSync":false,"isFxAEnabled":true,"isFxASignedIn":false,"sync":{"desktopDevices":0,"mobileDevices":0,"totalDevices":0},"xpinstallEnabled":true,"addonsInfo":{"addons":{"formautofill@mozilla.org":{"version":"1.0.1","type":"extension","isSystem":true,"isWebExtension":true,"name":"Form Autofill","userDisabled":false,"installDate":"2023-09-28T01:41:23.000Z"},"pictureinpicture@mozilla.org":{"version":"1.0.0","type":"extension","isSystem":true,"isWebExtension":true,"name"

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\xulstore.json (copy)

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):141
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.527146700950922
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:3:YGNDhK6c2us1pNGHfYS8dJsAulvhJBAuqRrHvN+M4fHlxKgfHwFn:YGNTG/SJsAUv54rH0vHlxKgfQFn
                                                                                                                                                                                                                                                                                                                                        MD5:74E2B5FEA591C1050CAD4BED0AFE0EA1
                                                                                                                                                                                                                                                                                                                                        SHA1:511B7F71B3F73354282145A5B5824BF13758F262
                                                                                                                                                                                                                                                                                                                                        SHA-256:D59735F5C04F870A5E3E272CED57FCBA79E9EE309D228E6EF76D25057D902710
                                                                                                                                                                                                                                                                                                                                        SHA-512:29DEED066A22EF405CBB4D01C1F11BDE3E94F019ED6CCC1C9DACEEA78C816C2454E73325B7CB4CB0AED219E27A4D71DA9A47ACBE7EA24B8C55DAE4AA983B155C
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:{"chrome://browser/content/browser.xhtml":{"main-window":{"screenX":"4","screenY":"4","width":"1164","height":"891","sizemode":"maximized"}}}

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\sp4c0p22.default-release\xulstore.json.tmp

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                                        Category:modified
                                                                                                                                                                                                                                                                                                                                        Size (bytes):141
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.527146700950922
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:3:YGNDhK6c2us1pNGHfYS8dJsAulvhJBAuqRrHvN+M4fHlxKgfHwFn:YGNTG/SJsAUv54rH0vHlxKgfQFn
                                                                                                                                                                                                                                                                                                                                        MD5:74E2B5FEA591C1050CAD4BED0AFE0EA1
                                                                                                                                                                                                                                                                                                                                        SHA1:511B7F71B3F73354282145A5B5824BF13758F262
                                                                                                                                                                                                                                                                                                                                        SHA-256:D59735F5C04F870A5E3E272CED57FCBA79E9EE309D228E6EF76D25057D902710
                                                                                                                                                                                                                                                                                                                                        SHA-512:29DEED066A22EF405CBB4D01C1F11BDE3E94F019ED6CCC1C9DACEEA78C816C2454E73325B7CB4CB0AED219E27A4D71DA9A47ACBE7EA24B8C55DAE4AA983B155C
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Preview:{"chrome://browser/content/browser.xhtml":{"main-window":{"screenX":"4","screenY":"4","width":"1164","height":"891","sizemode":"maximized"}}}

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\Downloads\a8068703372ae00821df45d3d1e83528d5b75530 (copy)

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):1378056
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):7.978317714889543
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:24576:lAAbeg/aRWe00Sc72z5ZexkXjoePAL6be7cpzUQP2zk+QLgumxo/hTjPppgepa/G:y00Sec5Z1oePUFsg+U2/hxpPa/NY
                                                                                                                                                                                                                                                                                                                                        MD5:423B7C6C49A6A71C2E5DE8BB30D82A80
                                                                                                                                                                                                                                                                                                                                        SHA1:A8068703372AE00821DF45D3D1E83528D5B75530
                                                                                                                                                                                                                                                                                                                                        SHA-256:FA303EADC3CCE05E0C0758C95D58E37BE1CE42218F2A34392CD68EEFF8FF487E
                                                                                                                                                                                                                                                                                                                                        SHA-512:D313F7546096291A67235FEA8BDA15521C3D31663680EB2CEEB6D61D77CA48EC089444F3681CB2DE00DCE3EA1255D82E55829F124F9DF890E41378EA9641E031
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 3%
                                                                                                                                                                                                                                                                                                                                        • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1...Pf..Pf..Pf.*_9..Pf..Pg.LPf.*_;..Pf.sV..Pf..V`..Pf.Rich.Pf.........................PE..L...<.oZ.................h...........3............@..........................0............@..........................................P..(................*...........................................................................................text...'f.......h.................. ..`.rdata...............l..............@..@.data...............................@....ndata.......P...........................rsrc...(....P......................@..@................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                        C:\Users\user\Downloads\fUYnz81b.part

                                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        File Type:PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
                                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                                        Size (bytes):1378056
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):7.978317714889543
                                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                                        SSDEEP:24576:lAAbeg/aRWe00Sc72z5ZexkXjoePAL6be7cpzUQP2zk+QLgumxo/hTjPppgepa/G:y00Sec5Z1oePUFsg+U2/hxpPa/NY
                                                                                                                                                                                                                                                                                                                                        MD5:423B7C6C49A6A71C2E5DE8BB30D82A80
                                                                                                                                                                                                                                                                                                                                        SHA1:A8068703372AE00821DF45D3D1E83528D5B75530
                                                                                                                                                                                                                                                                                                                                        SHA-256:FA303EADC3CCE05E0C0758C95D58E37BE1CE42218F2A34392CD68EEFF8FF487E
                                                                                                                                                                                                                                                                                                                                        SHA-512:D313F7546096291A67235FEA8BDA15521C3D31663680EB2CEEB6D61D77CA48EC089444F3681CB2DE00DCE3EA1255D82E55829F124F9DF890E41378EA9641E031
                                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 3%
                                                                                                                                                                                                                                                                                                                                        • Antivirus: Virustotal, Detection: 0%, Browse
                                                                                                                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1...Pf..Pf..Pf.*_9..Pf..Pg.LPf.*_;..Pf.sV..Pf..V`..Pf.Rich.Pf.........................PE..L...<.oZ.................h...........3............@..........................0............@..........................................P..(................*...........................................................................................text...'f.......h.................. ..`.rdata...............l..............@..@.data...............................@....ndata.......P...........................rsrc...(....P......................@..@................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                        Static File Info

                                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                                        File type:Zip archive data, at least v2.0 to extract, compression method=deflate
                                                                                                                                                                                                                                                                                                                                        Entropy (8bit):7.999867211854168
                                                                                                                                                                                                                                                                                                                                        TrID:
                                                                                                                                                                                                                                                                                                                                        • ZIP compressed archive (8000/1) 100.00%
                                                                                                                                                                                                                                                                                                                                        File name:MDE_File_Sample_a8068703372ae00821df45d3d1e83528d5b75530.zip
                                                                                                                                                                                                                                                                                                                                        File size:1'345'668 bytes
                                                                                                                                                                                                                                                                                                                                        MD5:110d5f1b1c6728b33d4adeae124400b1
                                                                                                                                                                                                                                                                                                                                        SHA1:39e6b521680529c1214b6be85b289fee9da341b0
                                                                                                                                                                                                                                                                                                                                        SHA256:75c2bcefef95b7656a36428c8408a3567540af8772d70426e674da0eccdc7d27
                                                                                                                                                                                                                                                                                                                                        SHA512:89f4a8b52be0c561c5f5c966ac61dfb43286bf019f8e032ff4f9865128949a3917659f70d259a561e9376bd34420ddfe895c7b75aa8e11dceca01c0815d97221
                                                                                                                                                                                                                                                                                                                                        SSDEEP:24576:NZ2P+mYAikRiVOiUbPPpMOnAcp3QxkMTdxHQxx7XlRKfLFrwJL3jDw9X5:Na+wh7iKvtC97QL3KaBwT
                                                                                                                                                                                                                                                                                                                                        TLSH:A75533E53EBA5F83818D619357DB42513FC61AB43E03994690F98EDCD2AD82FCC528D1
                                                                                                                                                                                                                                                                                                                                        File Content Preview:PK.........+.X............(.$.a8068703372ae00821df45d3d1e83528d5b75530.. .........$.......#................./..66h^./Q...j.#r..d1....[..?...Q+..)y........$M..v..FI..z%^.t$.......f..^(m...?.....q..Y./U..J..H.....j....y..u&.i.........yt+.M...!....^..C.B..v.

                                                                                                                                                                                                                                                                                                                                        File Icon

                                                                                                                                                                                                                                                                                                                                        Icon Hash:1c1c1e4e4ececedc

                                                                                                                                                                                                                                                                                                                                        Network Behavior

                                                                                                                                                                                                                                                                                                                                        Network Port Distribution

                                                                                                                                                                                                                                                                                                                                        TCP Packets

                                                                                                                                                                                                                                                                                                                                        TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:33.013557911 CEST4971480192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:33.171188116 CEST804971434.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:33.171287060 CEST4971480192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:33.171468973 CEST4971480192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:33.328871965 CEST804971434.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:33.370250940 CEST804971434.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:33.416095972 CEST4971480192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:33.792268991 CEST49715443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:33.792294025 CEST4434971534.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:33.792404890 CEST49715443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:33.793759108 CEST49715443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:33.793771029 CEST4434971534.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.123445034 CEST4434971534.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.123536110 CEST49715443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.128554106 CEST49715443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.128575087 CEST4434971534.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.128691912 CEST49715443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.128812075 CEST4434971534.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.128900051 CEST49715443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.129046917 CEST49716443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.129127979 CEST4434971634.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.129463911 CEST49716443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.130750895 CEST49716443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.130784988 CEST4434971634.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.458153963 CEST4434971634.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.458226919 CEST49716443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.773662090 CEST49717443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.773739100 CEST4971880192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.773787975 CEST4434971734.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.774154902 CEST49719443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.774239063 CEST4434971935.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.776599884 CEST49716443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.776640892 CEST4434971634.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.776695967 CEST49716443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.777237892 CEST4434971634.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.778140068 CEST49717443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.778151035 CEST49716443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.779512882 CEST49717443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.779517889 CEST49719443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.779531002 CEST4434971734.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.779633045 CEST49719443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.779649019 CEST4434971935.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.931359053 CEST804971834.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.931449890 CEST4971880192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.931619883 CEST4971880192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.088825941 CEST804971834.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.088983059 CEST804971834.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.089046001 CEST4971880192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.107567072 CEST4434971734.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.107644081 CEST49717443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.108273029 CEST4434971935.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.109993935 CEST49719443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.112771988 CEST49719443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.112782955 CEST4434971935.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.113179922 CEST4434971935.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.115397930 CEST49717443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.115413904 CEST4434971734.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.115504980 CEST49717443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.115569115 CEST4434971734.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.115617990 CEST49717443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.116302013 CEST49720443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.116328955 CEST4434972034.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.116348028 CEST49719443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.116390944 CEST49720443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.116416931 CEST49719443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.116539955 CEST4434971935.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.116584063 CEST49719443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.117763042 CEST49720443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.117777109 CEST4434972034.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.342024088 CEST4971880192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.342087030 CEST4971480192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.438580036 CEST4434972034.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.438652992 CEST49720443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.443233013 CEST49720443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.443239927 CEST4434972034.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.443303108 CEST49720443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.443377972 CEST4434972034.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.443435907 CEST49720443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.469753027 CEST49721443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.469813108 CEST4434972134.160.144.191192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.469965935 CEST49721443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.470089912 CEST49721443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.470125914 CEST4434972134.160.144.191192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.498584032 CEST804971834.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.498645067 CEST4971880192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.535907984 CEST804971434.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.536161900 CEST4971480192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.558348894 CEST4972280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.718000889 CEST804972234.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.718153954 CEST4972280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.718322039 CEST4972280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.770890951 CEST49723443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.770924091 CEST4434972334.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.771028042 CEST49723443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.772408962 CEST49723443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.772424936 CEST4434972334.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.798845053 CEST4434972134.160.144.191192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.798950911 CEST49721443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.802243948 CEST49721443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.802265882 CEST4434972134.160.144.191192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.802546978 CEST4434972134.160.144.191192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.804877996 CEST49721443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.804984093 CEST49721443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.805053949 CEST4434972134.160.144.191192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.805133104 CEST49721443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.805315971 CEST49724443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.805341959 CEST4434972434.160.144.191192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.805413008 CEST49724443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.805510044 CEST49724443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.805516958 CEST4434972434.160.144.191192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.875933886 CEST804972234.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.876023054 CEST804972234.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.922091961 CEST4972280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:36.095845938 CEST4434972334.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:36.095944881 CEST49723443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:36.101558924 CEST49723443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:36.101574898 CEST4434972334.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:36.101675034 CEST49723443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:36.101731062 CEST4434972334.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:36.101808071 CEST49723443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:36.102081060 CEST49725443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:36.102165937 CEST4434972534.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:36.102253914 CEST49725443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:36.103605032 CEST49725443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:36.103637934 CEST4434972534.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:36.131438971 CEST4434972434.160.144.191192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:36.131519079 CEST49724443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:36.134653091 CEST49724443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:36.134663105 CEST4434972434.160.144.191192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:36.135402918 CEST4434972434.160.144.191192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:36.137442112 CEST49724443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:36.137507915 CEST49724443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:36.137614965 CEST4434972434.160.144.191192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:36.137666941 CEST49724443192.168.2.1634.160.144.191
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:36.431523085 CEST4434972534.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:36.431626081 CEST49725443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:36.436436892 CEST49725443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:36.436479092 CEST4434972534.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:36.436525106 CEST49725443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:36.436877966 CEST4434972534.117.188.166192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:36.437130928 CEST49725443192.168.2.1634.117.188.166
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:37.959707975 CEST4972680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:38.117455959 CEST804972634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:38.117549896 CEST4972680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:38.117723942 CEST4972680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:38.274859905 CEST804972634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:38.275167942 CEST804972634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:38.275223017 CEST4972680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:38.739998102 CEST4972280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:38.899175882 CEST804972234.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:38.944071054 CEST4972280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:39.096191883 CEST4972680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:39.252877951 CEST804972634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:39.296092033 CEST4972680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:39.558113098 CEST4972280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:39.715786934 CEST804972234.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:39.763070107 CEST4972280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:39.912837029 CEST4972680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.046907902 CEST49729443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.046936989 CEST4434972934.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.052459002 CEST49729443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.053878069 CEST49729443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.053889990 CEST4434972934.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.056576967 CEST49730443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.056607008 CEST4434973034.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.057900906 CEST49730443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.059339046 CEST49730443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.059351921 CEST4434973034.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.071255922 CEST804972634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.110680103 CEST49731443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.110724926 CEST4434973135.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.110805988 CEST49731443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.110950947 CEST49731443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.110970020 CEST4434973135.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.122103930 CEST4972680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.377985954 CEST4434972934.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.378072023 CEST49729443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.382668018 CEST49729443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.382674932 CEST4434972934.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.382744074 CEST49729443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.382800102 CEST4434972934.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.382847071 CEST49729443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.386684895 CEST4434973034.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.386759996 CEST49730443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.391045094 CEST49730443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.391050100 CEST4434973034.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.391109943 CEST49730443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.391220093 CEST4434973034.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.391271114 CEST49730443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.440553904 CEST4434973135.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.440649033 CEST49731443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.443299055 CEST49731443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.443310976 CEST4434973135.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.444358110 CEST4434973135.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.445880890 CEST49731443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.445946932 CEST49731443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.446242094 CEST4434973135.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.446306944 CEST49731443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.525810957 CEST4972280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.551229000 CEST49732443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.551261902 CEST4434973234.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.551327944 CEST49732443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.551522970 CEST49732443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.551542044 CEST4434973234.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.657886982 CEST49733443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.657980919 CEST4434973334.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.658140898 CEST49733443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.659543037 CEST49733443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.659576893 CEST4434973334.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.683218956 CEST804972234.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.728121996 CEST4972280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.880740881 CEST4434973234.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.880841970 CEST49732443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.980832100 CEST4434973334.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.980904102 CEST49733443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.996385098 CEST49732443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.996413946 CEST4434973234.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.997297049 CEST4434973234.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:41.041086912 CEST49732443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:41.186662912 CEST49732443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:41.186781883 CEST49732443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:41.186922073 CEST49733443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:41.186961889 CEST4434973334.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:41.187017918 CEST49733443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:41.187191010 CEST4434973234.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:41.187199116 CEST4434973334.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:41.187263012 CEST49733443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:41.187273026 CEST49732443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:41.187371016 CEST49734443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:41.187463999 CEST4434973434.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:41.187556028 CEST49734443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:41.187704086 CEST49734443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:41.187721014 CEST4434973434.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:41.517134905 CEST4434973434.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:41.524137974 CEST4434973434.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:41.527159929 CEST49734443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:41.702864885 CEST49734443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:41.702903032 CEST4434973434.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:41.703886986 CEST4434973434.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:41.708002090 CEST49734443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:41.708080053 CEST49734443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:41.708487988 CEST4434973434.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:41.708627939 CEST49734443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:48.685805082 CEST4972680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:48.842879057 CEST804972634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:48.899111986 CEST4972680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:49.543829918 CEST4972280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:49.544734955 CEST49735443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:49.544807911 CEST4434973534.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:49.545022964 CEST49735443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:49.546452999 CEST49735443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:49.546488047 CEST4434973534.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:49.702290058 CEST804972234.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:49.751107931 CEST4972280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:49.876050949 CEST4434973534.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:49.876121044 CEST49735443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.041352034 CEST49736443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.041403055 CEST4434973634.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.041496038 CEST49737443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.041594982 CEST4434973734.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.042843103 CEST49736443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.043035030 CEST49737443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.043411016 CEST49737443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.043445110 CEST4434973734.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.043503046 CEST49736443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.043514967 CEST4434973634.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.043698072 CEST49735443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.043766022 CEST4434973534.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.043801069 CEST49735443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.044034958 CEST4434973534.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.044302940 CEST49735443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.364500999 CEST4434973734.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.364583015 CEST49737443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.364608049 CEST4434973634.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.364672899 CEST49736443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.589082956 CEST49737443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.589112043 CEST4434973734.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.589426041 CEST4434973734.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.591784000 CEST49736443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.591804981 CEST4434973634.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.592358112 CEST4434973634.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.596349955 CEST49737443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.596445084 CEST49737443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.596510887 CEST4434973734.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.596534967 CEST49736443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.596584082 CEST49736443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.596683979 CEST49737443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.596769094 CEST4434973634.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.596817017 CEST49736443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.977890968 CEST4972680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:51.135827065 CEST804972634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:51.143177986 CEST4972280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:51.181121111 CEST4972680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:51.300829887 CEST804972234.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:51.352142096 CEST4972280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.544008970 CEST4972680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.551637888 CEST4972280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.701033115 CEST804972634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.709076881 CEST804972234.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.711556911 CEST4972680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.750130892 CEST4972280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.868225098 CEST804972634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.919115067 CEST4972680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:58.394224882 CEST4972280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:58.551342964 CEST804972234.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:58.604096889 CEST4972280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:02.880129099 CEST4972680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:03.036422014 CEST804972634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:07.671613932 CEST4972680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:07.827792883 CEST804972634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:07.828418970 CEST804972634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:07.874155045 CEST4972680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:08.558162928 CEST4972280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:08.714948893 CEST804972234.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.330899000 CEST4972280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.488485098 CEST804972234.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.488742113 CEST804972234.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.540136099 CEST4972280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.656739950 CEST4972680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.663173914 CEST49742443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.663240910 CEST4434974234.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.663338900 CEST49742443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.663460970 CEST49742443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.663479090 CEST4434974234.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.782288074 CEST49743443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.782330036 CEST4434974335.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.782430887 CEST49743443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.782517910 CEST49743443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.782525063 CEST4434974335.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.795481920 CEST49744443192.168.2.1618.173.166.117
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.795500040 CEST4434974418.173.166.117192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.795571089 CEST49744443192.168.2.1618.173.166.117
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.795661926 CEST49744443192.168.2.1618.173.166.117
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.795669079 CEST4434974418.173.166.117192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.827955008 CEST804972634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.882169962 CEST4972680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.008945942 CEST4434974234.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.009046078 CEST49742443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.012031078 CEST49742443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.012052059 CEST4434974234.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.012862921 CEST4434974234.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.014470100 CEST49742443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.014559984 CEST49742443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.014853954 CEST4434974234.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.014914989 CEST49742443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.067171097 CEST4434974418.173.166.117192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.067251921 CEST49744443192.168.2.1618.173.166.117
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.070628881 CEST49744443192.168.2.1618.173.166.117
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.070636988 CEST4434974418.173.166.117192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.070878029 CEST4434974418.173.166.117192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.073369026 CEST49744443192.168.2.1618.173.166.117
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.073447943 CEST49744443192.168.2.1618.173.166.117
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.073496103 CEST4434974418.173.166.117192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.073549032 CEST49744443192.168.2.1618.173.166.117
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.110625982 CEST4434974335.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.110708952 CEST49743443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.114888906 CEST49743443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.114898920 CEST4434974335.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.115699053 CEST4434974335.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.117798090 CEST49743443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.117878914 CEST49743443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.118196011 CEST4434974335.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.118256092 CEST49743443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.254410982 CEST49745443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.254460096 CEST4434974535.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.254740953 CEST49746443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.254772902 CEST4434974635.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.255079985 CEST49745443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.255157948 CEST49746443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.255256891 CEST49745443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.255270004 CEST4434974535.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.255376101 CEST49746443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.255388975 CEST4434974635.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.255606890 CEST49747443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.255629063 CEST4434974735.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.256489992 CEST49747443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.256617069 CEST4972280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.256783962 CEST49747443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.256795883 CEST4434974735.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.385473013 CEST49749443192.168.2.1635.201.103.21
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.385555983 CEST4434974935.201.103.21192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.385895967 CEST49749443192.168.2.1635.201.103.21
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.387320995 CEST49749443192.168.2.1635.201.103.21
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.387367010 CEST4434974935.201.103.21192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.414125919 CEST804972234.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.458197117 CEST4972280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.579679012 CEST4434974635.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.579751968 CEST49746443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.579941988 CEST4434974735.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.580008030 CEST49747443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.580447912 CEST4434974535.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.580518961 CEST49745443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.582638025 CEST49746443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.582647085 CEST4434974635.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.582983017 CEST4434974635.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.585237980 CEST49745443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.585253954 CEST4434974535.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.585728884 CEST4434974535.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.587538958 CEST49747443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.587552071 CEST4434974735.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.587769985 CEST4434974735.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.592143059 CEST49746443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.592374086 CEST4434974635.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.592417955 CEST49746443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.592425108 CEST4434974635.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.592433929 CEST49746443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.592525005 CEST49745443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.592598915 CEST49745443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.592669010 CEST49747443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.592725039 CEST49747443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.592819929 CEST4434974735.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.592864037 CEST49747443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.592871904 CEST4434974535.244.181.201192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.592921019 CEST49745443192.168.2.1635.244.181.201
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.730678082 CEST4434974935.201.103.21192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.730768919 CEST49749443192.168.2.1635.201.103.21
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.735591888 CEST49749443192.168.2.1635.201.103.21
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.735618114 CEST4434974935.201.103.21192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.735662937 CEST49749443192.168.2.1635.201.103.21
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.735905886 CEST4434974935.201.103.21192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.735970974 CEST49749443192.168.2.1635.201.103.21
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:16.747576952 CEST4972680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:16.752743006 CEST4972280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:16.905340910 CEST804972634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:16.910973072 CEST804972234.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:16.949270964 CEST4972680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:16.964131117 CEST4972280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:17.568083048 CEST4972680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:17.725742102 CEST804972634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:17.775142908 CEST4972680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:19.511704922 CEST49751443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:19.511761904 CEST4434975134.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:19.513641119 CEST49751443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:19.513761044 CEST49751443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:19.513772964 CEST4434975134.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:19.835962057 CEST4434975134.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:19.836045980 CEST49751443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:25.902723074 CEST49751443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:25.902754068 CEST4434975134.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:25.903206110 CEST4434975134.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:25.905546904 CEST49751443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:25.905617952 CEST49751443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:25.905771017 CEST4434975134.149.100.209192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:25.905822992 CEST49751443192.168.2.1634.149.100.209
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:26.868140936 CEST4972280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:26.926286936 CEST4972280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:27.025886059 CEST804972234.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:27.054780006 CEST4972680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:27.066160917 CEST4972280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:27.082981110 CEST804972234.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:27.211894989 CEST804972634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:27.255211115 CEST4972680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.324604988 CEST49752443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.324650049 CEST4434975234.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.324811935 CEST49753443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.324850082 CEST4434975334.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.325010061 CEST49754443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.325102091 CEST4434975434.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.325201035 CEST49755443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.325246096 CEST4434975534.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.325345993 CEST49756443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.325438976 CEST4434975634.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.325534105 CEST49757443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.325570107 CEST4434975734.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.325717926 CEST49752443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.325723886 CEST49753443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.325740099 CEST49754443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.325762033 CEST49755443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.325763941 CEST49756443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.325861931 CEST49757443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.325861931 CEST49752443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.325879097 CEST4434975234.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.326041937 CEST49757443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.326050043 CEST4434975734.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.326085091 CEST49756443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.326105118 CEST4434975634.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.326162100 CEST49755443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.326185942 CEST4434975534.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.326225042 CEST49754443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.326261997 CEST4434975434.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.326282978 CEST49753443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.326303005 CEST4434975334.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.647927999 CEST4434975734.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.648008108 CEST4434975434.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.648020029 CEST49757443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.648093939 CEST49754443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.650149107 CEST4434975534.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.650245905 CEST49755443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.651298046 CEST49757443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.651315928 CEST4434975734.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.651617050 CEST4434975734.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.653878927 CEST49755443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.653899908 CEST4434975534.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.654318094 CEST4434975534.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.657839060 CEST4434975234.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.657987118 CEST49754443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.658058882 CEST4434975434.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.658265114 CEST4434975334.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.658337116 CEST4434975434.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.658400059 CEST49752443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.658423901 CEST49753443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.659806013 CEST4434975634.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.660656929 CEST49756443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.661292076 CEST49753443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.661329031 CEST4434975334.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.661709070 CEST4434975334.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.663587093 CEST49752443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.663614988 CEST4434975234.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.663892984 CEST4434975234.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.666698933 CEST49756443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.666732073 CEST4434975634.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.667478085 CEST4434975634.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.672043085 CEST49757443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.672246933 CEST4434975734.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.672511101 CEST49757443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.672719955 CEST49757443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.672744036 CEST4434975734.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.673722029 CEST49754443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.673919916 CEST4434975434.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.674050093 CEST49754443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.674153090 CEST49754443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.674200058 CEST4434975434.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.712184906 CEST49753443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.712191105 CEST49752443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.712194920 CEST49755443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.712310076 CEST49756443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.962021112 CEST49755443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.962615013 CEST4434975534.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.962842941 CEST49755443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.963187933 CEST49755443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.963205099 CEST4434975534.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.963382959 CEST49752443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.963404894 CEST49753443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.963700056 CEST49753443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.963762999 CEST49752443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.963933945 CEST4434975234.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.964019060 CEST4434975334.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.964086056 CEST49758443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.964121103 CEST4434975834.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.964219093 CEST49752443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.964231014 CEST49753443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.964257956 CEST49758443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.964739084 CEST49759443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.964776039 CEST4434975934.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.965032101 CEST49758443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.965044022 CEST4434975834.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.966123104 CEST49756443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.966226101 CEST49756443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.966291904 CEST49759443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.966428995 CEST49759443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.966443062 CEST4434975934.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.966685057 CEST4434975634.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.966752052 CEST49756443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:32.285988092 CEST4434975834.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:32.286066055 CEST49758443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:32.295224905 CEST4434975934.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:32.295300961 CEST49759443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:32.335374117 CEST49758443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:32.335387945 CEST4434975834.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:32.335669041 CEST4434975834.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:32.337938070 CEST49759443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:32.337961912 CEST4434975934.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:32.338371992 CEST4972280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:32.338870049 CEST4434975934.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:32.341680050 CEST49758443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:32.341761112 CEST49758443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:32.341847897 CEST4434975834.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:32.341862917 CEST49759443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:32.341907024 CEST49759443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:32.341911077 CEST49758443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:32.342226982 CEST4434975934.120.208.123192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:32.342287064 CEST49759443192.168.2.1634.120.208.123
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:32.495114088 CEST804972234.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:32.495996952 CEST804972234.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:32.548003912 CEST4972280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:34.140230894 CEST4972680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:34.143573999 CEST4972280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:34.299201012 CEST804972634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:34.301644087 CEST804972234.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:34.304373026 CEST4972680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:34.352734089 CEST4972280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:34.461384058 CEST804972634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:34.509316921 CEST4972680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:34.892761946 CEST4972280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:35.050513983 CEST804972234.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:35.052918911 CEST4972680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:35.105170012 CEST4972280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:35.210098982 CEST804972634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:35.259048939 CEST4972680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:45.052213907 CEST4972280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:45.209202051 CEST804972234.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:45.224230051 CEST4972680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:45.380570889 CEST804972634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:55.221210957 CEST4972280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:55.378034115 CEST804972234.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:55.394226074 CEST4972680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:55.569624901 CEST804972634.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:29:05.385262012 CEST4972280192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:29:05.542087078 CEST804972234.107.221.82192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:29:05.581239939 CEST4972680192.168.2.1634.107.221.82
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:29:05.756545067 CEST804972634.107.221.82192.168.2.16

                                                                                                                                                                                                                                                                                                                                        UDP Packets

                                                                                                                                                                                                                                                                                                                                        TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:30.276300907 CEST53595481.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:31.695234060 CEST5278053192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:31.824575901 CEST5815953192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:31.950596094 CEST53581591.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:31.951318979 CEST6545653192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:32.076792002 CEST53654561.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:33.666443110 CEST5809353192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:33.676630020 CEST5970453192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:33.791378021 CEST53580931.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:33.793127060 CEST6170653192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:33.802169085 CEST53597041.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:33.803220034 CEST4937553192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:33.918169022 CEST53617061.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:33.928796053 CEST53493751.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:33.931925058 CEST5520753192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.058531046 CEST53552071.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.170032024 CEST5725153192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.174691916 CEST5692753192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.295476913 CEST53572511.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.770771027 CEST6245653192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.771318913 CEST6285253192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.896287918 CEST53624561.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.897068024 CEST6477553192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.919502020 CEST53628521.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.920173883 CEST4998053192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.023065090 CEST53647751.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.046269894 CEST53499801.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.343842030 CEST5684153192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.468875885 CEST53568411.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.470163107 CEST6331353192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.599960089 CEST53633131.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.600598097 CEST6399753192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.725511074 CEST53639971.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:38.740344048 CEST5550153192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:39.128535986 CEST53558411.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:39.565097094 CEST6165353192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:39.927397966 CEST5848853192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:39.941827059 CEST53605481.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:39.983489990 CEST5942653192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.047580957 CEST5062053192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.052839041 CEST53584881.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.056859970 CEST5646953192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.108935118 CEST53594261.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.173369884 CEST53506201.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.173974037 CEST5042053192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.182101965 CEST53564691.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.182710886 CEST6417053192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.300542116 CEST53504201.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.311508894 CEST53641701.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:47.986099958 CEST5814753192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:49.545125961 CEST6157253192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:49.670495033 CEST53615721.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.747617960 CEST6016853192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.998961926 CEST53626611.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.541771889 CEST5087253192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.541771889 CEST4940753192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.542041063 CEST5722353192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.670077085 CEST53508721.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.670104027 CEST53494071.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.671175003 CEST6249153192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.671365023 CEST4930853192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.672313929 CEST53572231.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.672913074 CEST5239053192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.795834064 CEST53624911.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.796257019 CEST53493081.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.796528101 CEST5551353192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.797034025 CEST5079053192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.798506021 CEST53523901.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.798933029 CEST5478353192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.921299934 CEST53555131.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.922178030 CEST6185353192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.922211885 CEST53507901.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.922962904 CEST6399253192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.924515009 CEST53547831.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:53.047440052 CEST53639921.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:53.047501087 CEST53618531.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:53.048738003 CEST6010553192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:53.048821926 CEST5026553192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:53.174257040 CEST53601051.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:53.174771070 CEST53502651.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:53.174881935 CEST5033153192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:53.175477028 CEST6477753192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:53.300808907 CEST53503311.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:53.300995111 CEST53647771.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:12.364650011 CEST53515111.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.663937092 CEST6310853192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.782541990 CEST6419253192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.794644117 CEST53631081.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.795697927 CEST6242053192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.912734985 CEST53641921.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.925050020 CEST53624201.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.927630901 CEST6270653192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.060175896 CEST53627061.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.259124041 CEST5721653192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.384505033 CEST53572161.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.385808945 CEST6033853192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.511923075 CEST53603381.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.512651920 CEST6418053192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.638267994 CEST53641801.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.324714899 CEST6026053192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.450030088 CEST53602601.1.1.1192.168.2.16
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:32.337177038 CEST6236253192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:34.354578018 CEST5561853192.168.2.161.1.1.1
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:34.779978991 CEST53604331.1.1.1192.168.2.16

                                                                                                                                                                                                                                                                                                                                        DNS Queries

                                                                                                                                                                                                                                                                                                                                        TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:31.695234060 CEST192.168.2.161.1.1.10xa0a4Standard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:31.824575901 CEST192.168.2.161.1.1.10xa614Standard query (0)prod.detectportal.prod.cloudops.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:31.951318979 CEST192.168.2.161.1.1.10xaf23Standard query (0)prod.detectportal.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:33.666443110 CEST192.168.2.161.1.1.10x1964Standard query (0)contile.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:33.676630020 CEST192.168.2.161.1.1.10x526aStandard query (0)example.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:33.793127060 CEST192.168.2.161.1.1.10xc97cStandard query (0)ipv4only.arpaA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:33.803220034 CEST192.168.2.161.1.1.10xa56cStandard query (0)contile.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:33.931925058 CEST192.168.2.161.1.1.10xf732Standard query (0)contile.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.170032024 CEST192.168.2.161.1.1.10x4245Standard query (0)spocs.getpocket.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.174691916 CEST192.168.2.161.1.1.10x6385Standard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.770771027 CEST192.168.2.161.1.1.10x4225Standard query (0)prod.ads.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.771318913 CEST192.168.2.161.1.1.10xa9c2Standard query (0)prod.balrog.prod.cloudops.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.897068024 CEST192.168.2.161.1.1.10x9c7fStandard query (0)prod.ads.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.920173883 CEST192.168.2.161.1.1.10x3ae8Standard query (0)prod.balrog.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.343842030 CEST192.168.2.161.1.1.10xb071Standard query (0)content-signature-2.cdn.mozilla.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.470163107 CEST192.168.2.161.1.1.10x57c1Standard query (0)prod.content-signature-chains.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.600598097 CEST192.168.2.161.1.1.10x3accStandard query (0)prod.content-signature-chains.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:38.740344048 CEST192.168.2.161.1.1.10xb020Standard query (0)shavar.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:39.565097094 CEST192.168.2.161.1.1.10x3db8Standard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:39.927397966 CEST192.168.2.161.1.1.10x9ff4Standard query (0)firefox.settings.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:39.983489990 CEST192.168.2.161.1.1.10x11f3Standard query (0)prod.balrog.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.047580957 CEST192.168.2.161.1.1.10xab23Standard query (0)telemetry-incoming.r53-2.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.056859970 CEST192.168.2.161.1.1.10x8184Standard query (0)prod.remote-settings.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.173974037 CEST192.168.2.161.1.1.10x6342Standard query (0)telemetry-incoming.r53-2.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.182710886 CEST192.168.2.161.1.1.10x10c6Standard query (0)prod.remote-settings.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:47.986099958 CEST192.168.2.161.1.1.10x7849Standard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:49.545125961 CEST192.168.2.161.1.1.10x6850Standard query (0)telemetry-incoming.r53-2.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.747617960 CEST192.168.2.161.1.1.10xf9a1Standard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.541771889 CEST192.168.2.161.1.1.10x7657Standard query (0)www.facebook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.541771889 CEST192.168.2.161.1.1.10x3f44Standard query (0)www.youtube.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.542041063 CEST192.168.2.161.1.1.10x21eeStandard query (0)www.wikipedia.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.671175003 CEST192.168.2.161.1.1.10x45e7Standard query (0)star-mini.c10r.facebook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.671365023 CEST192.168.2.161.1.1.10x387fStandard query (0)youtube-ui.l.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.672913074 CEST192.168.2.161.1.1.10xf8d5Standard query (0)dyna.wikimedia.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.796528101 CEST192.168.2.161.1.1.10xe8f1Standard query (0)star-mini.c10r.facebook.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.797034025 CEST192.168.2.161.1.1.10xa24Standard query (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.798933029 CEST192.168.2.161.1.1.10xde87Standard query (0)dyna.wikimedia.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.922178030 CEST192.168.2.161.1.1.10xfc56Standard query (0)www.reddit.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.922962904 CEST192.168.2.161.1.1.10x4885Standard query (0)twitter.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:53.048738003 CEST192.168.2.161.1.1.10x6510Standard query (0)twitter.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:53.048821926 CEST192.168.2.161.1.1.10x9e37Standard query (0)reddit.map.fastly.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:53.174881935 CEST192.168.2.161.1.1.10xd2bStandard query (0)twitter.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:53.175477028 CEST192.168.2.161.1.1.10x6b2fStandard query (0)reddit.map.fastly.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.663937092 CEST192.168.2.161.1.1.10x15b2Standard query (0)services.addons.mozilla.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.782541990 CEST192.168.2.161.1.1.10xe432Standard query (0)prod.balrog.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.795697927 CEST192.168.2.161.1.1.10x87b6Standard query (0)services.addons.mozilla.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.927630901 CEST192.168.2.161.1.1.10x1ac9Standard query (0)services.addons.mozilla.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.259124041 CEST192.168.2.161.1.1.10x64e0Standard query (0)normandy.cdn.mozilla.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.385808945 CEST192.168.2.161.1.1.10xd9e6Standard query (0)normandy-cdn.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.512651920 CEST192.168.2.161.1.1.10x1310Standard query (0)normandy-cdn.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.324714899 CEST192.168.2.161.1.1.10xe4cbStandard query (0)telemetry-incoming.r53-2.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:32.337177038 CEST192.168.2.161.1.1.10x54cdStandard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:34.354578018 CEST192.168.2.161.1.1.10x8720Standard query (0)push.services.mozilla.comA (IP address)IN (0x0001)false

                                                                                                                                                                                                                                                                                                                                        DNS Answers

                                                                                                                                                                                                                                                                                                                                        TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:31.820663929 CEST1.1.1.1192.168.2.160xa0a4No error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:31.820663929 CEST1.1.1.1192.168.2.160xa0a4No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:31.950596094 CEST1.1.1.1192.168.2.160xa614No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:32.076792002 CEST1.1.1.1192.168.2.160xaf23No error (0)prod.detectportal.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:33.791378021 CEST1.1.1.1192.168.2.160x1964No error (0)contile.services.mozilla.com34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:33.802169085 CEST1.1.1.1192.168.2.160x526aNo error (0)example.org93.184.215.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:33.918169022 CEST1.1.1.1192.168.2.160xc97cNo error (0)ipv4only.arpa192.0.0.170A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:33.918169022 CEST1.1.1.1192.168.2.160xc97cNo error (0)ipv4only.arpa192.0.0.171A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:33.928796053 CEST1.1.1.1192.168.2.160xa56cNo error (0)contile.services.mozilla.com34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.295476913 CEST1.1.1.1192.168.2.160x4245No error (0)spocs.getpocket.comprod.ads.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.295476913 CEST1.1.1.1192.168.2.160x4245No error (0)prod.ads.prod.webservices.mozgcp.net34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.300024033 CEST1.1.1.1192.168.2.160x6385No error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.300024033 CEST1.1.1.1192.168.2.160x6385No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.371143103 CEST1.1.1.1192.168.2.160xe03aNo error (0)balrog-aus5.r53-2.services.mozilla.comprod.balrog.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.371143103 CEST1.1.1.1192.168.2.160xe03aNo error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.896287918 CEST1.1.1.1192.168.2.160x4225No error (0)prod.ads.prod.webservices.mozgcp.net34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.919502020 CEST1.1.1.1192.168.2.160xa9c2No error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.468875885 CEST1.1.1.1192.168.2.160xb071No error (0)content-signature-2.cdn.mozilla.netcontent-signature-chains.prod.autograph.services.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.468875885 CEST1.1.1.1192.168.2.160xb071No error (0)content-signature-chains.prod.autograph.services.mozaws.netprod.content-signature-chains.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.468875885 CEST1.1.1.1192.168.2.160xb071No error (0)prod.content-signature-chains.prod.webservices.mozgcp.net34.160.144.191A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.599960089 CEST1.1.1.1192.168.2.160x57c1No error (0)prod.content-signature-chains.prod.webservices.mozgcp.net34.160.144.191A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.725511074 CEST1.1.1.1192.168.2.160x3accNo error (0)prod.content-signature-chains.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:38.867088079 CEST1.1.1.1192.168.2.160xb020No error (0)shavar.services.mozilla.comshavar.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:39.690068960 CEST1.1.1.1192.168.2.160x3db8No error (0)push.services.mozilla.comautopush.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.039256096 CEST1.1.1.1192.168.2.160x1935No error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.052839041 CEST1.1.1.1192.168.2.160x9ff4No error (0)firefox.settings.services.mozilla.comprod.remote-settings.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.052839041 CEST1.1.1.1192.168.2.160x9ff4No error (0)prod.remote-settings.prod.webservices.mozgcp.net34.149.100.209A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.107928038 CEST1.1.1.1192.168.2.160xf02bNo error (0)balrog-aus5.r53-2.services.mozilla.comprod.balrog.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.107928038 CEST1.1.1.1192.168.2.160xf02bNo error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.173369884 CEST1.1.1.1192.168.2.160xab23No error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.182101965 CEST1.1.1.1192.168.2.160x8184No error (0)prod.remote-settings.prod.webservices.mozgcp.net34.149.100.209A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.656780005 CEST1.1.1.1192.168.2.160x882dNo error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:48.110632896 CEST1.1.1.1192.168.2.160x7849No error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:48.110632896 CEST1.1.1.1192.168.2.160x7849No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.872869015 CEST1.1.1.1192.168.2.160xf9a1No error (0)push.services.mozilla.comautopush.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.670077085 CEST1.1.1.1192.168.2.160x7657No error (0)www.facebook.comstar-mini.c10r.facebook.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.670077085 CEST1.1.1.1192.168.2.160x7657No error (0)star-mini.c10r.facebook.com157.240.14.35A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.670104027 CEST1.1.1.1192.168.2.160x3f44No error (0)www.youtube.comyoutube-ui.l.google.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.670104027 CEST1.1.1.1192.168.2.160x3f44No error (0)youtube-ui.l.google.com142.250.64.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.670104027 CEST1.1.1.1192.168.2.160x3f44No error (0)youtube-ui.l.google.com142.250.217.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.670104027 CEST1.1.1.1192.168.2.160x3f44No error (0)youtube-ui.l.google.com142.250.64.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.670104027 CEST1.1.1.1192.168.2.160x3f44No error (0)youtube-ui.l.google.com142.251.35.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.670104027 CEST1.1.1.1192.168.2.160x3f44No error (0)youtube-ui.l.google.com172.217.165.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.670104027 CEST1.1.1.1192.168.2.160x3f44No error (0)youtube-ui.l.google.com142.250.217.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.670104027 CEST1.1.1.1192.168.2.160x3f44No error (0)youtube-ui.l.google.com142.250.64.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.670104027 CEST1.1.1.1192.168.2.160x3f44No error (0)youtube-ui.l.google.com172.217.2.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.670104027 CEST1.1.1.1192.168.2.160x3f44No error (0)youtube-ui.l.google.com142.250.217.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.670104027 CEST1.1.1.1192.168.2.160x3f44No error (0)youtube-ui.l.google.com192.178.50.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.670104027 CEST1.1.1.1192.168.2.160x3f44No error (0)youtube-ui.l.google.com192.178.50.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.670104027 CEST1.1.1.1192.168.2.160x3f44No error (0)youtube-ui.l.google.com172.217.15.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.670104027 CEST1.1.1.1192.168.2.160x3f44No error (0)youtube-ui.l.google.com142.250.189.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.672313929 CEST1.1.1.1192.168.2.160x21eeNo error (0)www.wikipedia.orgdyna.wikimedia.orgCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.672313929 CEST1.1.1.1192.168.2.160x21eeNo error (0)dyna.wikimedia.org208.80.154.224A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.795834064 CEST1.1.1.1192.168.2.160x45e7No error (0)star-mini.c10r.facebook.com157.240.14.35A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.796257019 CEST1.1.1.1192.168.2.160x387fNo error (0)youtube-ui.l.google.com142.251.35.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.796257019 CEST1.1.1.1192.168.2.160x387fNo error (0)youtube-ui.l.google.com142.250.189.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.796257019 CEST1.1.1.1192.168.2.160x387fNo error (0)youtube-ui.l.google.com142.250.217.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.796257019 CEST1.1.1.1192.168.2.160x387fNo error (0)youtube-ui.l.google.com142.250.217.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.796257019 CEST1.1.1.1192.168.2.160x387fNo error (0)youtube-ui.l.google.com142.250.64.238A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.796257019 CEST1.1.1.1192.168.2.160x387fNo error (0)youtube-ui.l.google.com172.217.165.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.796257019 CEST1.1.1.1192.168.2.160x387fNo error (0)youtube-ui.l.google.com142.250.64.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.796257019 CEST1.1.1.1192.168.2.160x387fNo error (0)youtube-ui.l.google.com192.178.50.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.796257019 CEST1.1.1.1192.168.2.160x387fNo error (0)youtube-ui.l.google.com142.250.64.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.796257019 CEST1.1.1.1192.168.2.160x387fNo error (0)youtube-ui.l.google.com142.250.217.174A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.796257019 CEST1.1.1.1192.168.2.160x387fNo error (0)youtube-ui.l.google.com172.217.15.206A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.796257019 CEST1.1.1.1192.168.2.160x387fNo error (0)youtube-ui.l.google.com192.178.50.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.798506021 CEST1.1.1.1192.168.2.160xf8d5No error (0)dyna.wikimedia.org208.80.154.224A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.921299934 CEST1.1.1.1192.168.2.160xe8f1No error (0)star-mini.c10r.facebook.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.922211885 CEST1.1.1.1192.168.2.160xa24No error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.922211885 CEST1.1.1.1192.168.2.160xa24No error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.922211885 CEST1.1.1.1192.168.2.160xa24No error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.922211885 CEST1.1.1.1192.168.2.160xa24No error (0)youtube-ui.l.google.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.924515009 CEST1.1.1.1192.168.2.160xde87No error (0)dyna.wikimedia.org28IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:53.047440052 CEST1.1.1.1192.168.2.160x4885No error (0)twitter.com104.244.42.193A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:53.047501087 CEST1.1.1.1192.168.2.160xfc56No error (0)www.reddit.comreddit.map.fastly.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:53.047501087 CEST1.1.1.1192.168.2.160xfc56No error (0)reddit.map.fastly.net151.101.1.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:53.047501087 CEST1.1.1.1192.168.2.160xfc56No error (0)reddit.map.fastly.net151.101.129.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:53.047501087 CEST1.1.1.1192.168.2.160xfc56No error (0)reddit.map.fastly.net151.101.193.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:53.047501087 CEST1.1.1.1192.168.2.160xfc56No error (0)reddit.map.fastly.net151.101.65.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:53.174257040 CEST1.1.1.1192.168.2.160x6510No error (0)twitter.com104.244.42.1A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:53.174771070 CEST1.1.1.1192.168.2.160x9e37No error (0)reddit.map.fastly.net151.101.1.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:53.174771070 CEST1.1.1.1192.168.2.160x9e37No error (0)reddit.map.fastly.net151.101.129.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:53.174771070 CEST1.1.1.1192.168.2.160x9e37No error (0)reddit.map.fastly.net151.101.65.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:53.174771070 CEST1.1.1.1192.168.2.160x9e37No error (0)reddit.map.fastly.net151.101.193.140A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.781275988 CEST1.1.1.1192.168.2.160xa4f7No error (0)balrog-aus5.r53-2.services.mozilla.comprod.balrog.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.781275988 CEST1.1.1.1192.168.2.160xa4f7No error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.794644117 CEST1.1.1.1192.168.2.160x15b2No error (0)services.addons.mozilla.org18.173.166.117A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.794644117 CEST1.1.1.1192.168.2.160x15b2No error (0)services.addons.mozilla.org18.173.166.77A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.794644117 CEST1.1.1.1192.168.2.160x15b2No error (0)services.addons.mozilla.org18.173.166.98A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.794644117 CEST1.1.1.1192.168.2.160x15b2No error (0)services.addons.mozilla.org18.173.166.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.925050020 CEST1.1.1.1192.168.2.160x87b6No error (0)services.addons.mozilla.org3.163.101.39A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.925050020 CEST1.1.1.1192.168.2.160x87b6No error (0)services.addons.mozilla.org3.163.101.87A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.925050020 CEST1.1.1.1192.168.2.160x87b6No error (0)services.addons.mozilla.org3.163.101.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.925050020 CEST1.1.1.1192.168.2.160x87b6No error (0)services.addons.mozilla.org3.163.101.10A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.384505033 CEST1.1.1.1192.168.2.160x64e0No error (0)normandy.cdn.mozilla.netnormandy-cdn.services.mozilla.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.384505033 CEST1.1.1.1192.168.2.160x64e0No error (0)normandy-cdn.services.mozilla.com35.201.103.21A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.511923075 CEST1.1.1.1192.168.2.160xd9e6No error (0)normandy-cdn.services.mozilla.com35.201.103.21A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:17.300350904 CEST1.1.1.1192.168.2.160xe1b4No error (0)a21ed24aedde648804e7-228765c84088fef4ff5e70f2710398e9.r17.cf1.rackcdn.coma17.rackcdn.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:17.300350904 CEST1.1.1.1192.168.2.160xe1b4No error (0)a17.rackcdn.coma17.rackcdn.com.mdc.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:31.322952986 CEST1.1.1.1192.168.2.160x119cNo error (0)telemetry-incoming.r53-2.services.mozilla.com34.120.208.123A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:32.462105989 CEST1.1.1.1192.168.2.160x54cdNo error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:32.462105989 CEST1.1.1.1192.168.2.160x54cdNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:34.526284933 CEST1.1.1.1192.168.2.160x8720No error (0)push.services.mozilla.comautopush.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false

                                                                                                                                                                                                                                                                                                                                        HTTP Request Dependency Graph

                                                                                                                                                                                                                                                                                                                                        • detectportal.firefox.com

                                                                                                                                                                                                                                                                                                                                        HTTP Packets

                                                                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                        0192.168.2.164971434.107.221.82806392C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:33.171468973 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:33.370250940 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Thu, 25 Apr 2024 22:15:10 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 25943
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>


                                                                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                        1192.168.2.164971834.107.221.82806392C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:34.931619883 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.088825941 CEST216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Thu, 25 Apr 2024 08:12:42 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 76493
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                        Data Ascii: success


                                                                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                        2192.168.2.164972234.107.221.82806392C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.718322039 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:35.876023054 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Thu, 25 Apr 2024 14:23:22 GMT
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                        Age: 54253
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:38.739998102 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:38.899175882 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Thu, 25 Apr 2024 14:23:22 GMT
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                        Age: 54256
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:39.558113098 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:39.715786934 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Thu, 25 Apr 2024 14:23:22 GMT
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                        Age: 54257
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.525810957 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.683218956 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Thu, 25 Apr 2024 14:23:22 GMT
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                        Age: 54258
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:49.543829918 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:49.702290058 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Thu, 25 Apr 2024 14:23:22 GMT
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                        Age: 54267
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:51.143177986 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:51.300829887 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Thu, 25 Apr 2024 14:23:22 GMT
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                        Age: 54269
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.551637888 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.709076881 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Thu, 25 Apr 2024 14:23:22 GMT
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                        Age: 54270
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:58.394224882 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:58.551342964 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Thu, 25 Apr 2024 14:23:22 GMT
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                        Age: 54276
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:08.558162928 CEST6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.330899000 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.488742113 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Thu, 25 Apr 2024 14:23:22 GMT
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                        Age: 54292
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.256617069 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:15.414125919 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Thu, 25 Apr 2024 14:23:22 GMT
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                        Age: 54293
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:16.752743006 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:16.910973072 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Thu, 25 Apr 2024 14:23:22 GMT
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                        Age: 54294
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:26.868140936 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:26.926286936 CEST6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:27.025886059 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Thu, 25 Apr 2024 14:23:22 GMT
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                        Age: 54304
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:32.338371992 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:32.495996952 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Thu, 25 Apr 2024 14:23:22 GMT
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                        Age: 54310
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:34.143573999 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:34.301644087 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Thu, 25 Apr 2024 14:23:22 GMT
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                        Age: 54312
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:34.892761946 CEST303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:35.050513983 CEST298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 90
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Thu, 25 Apr 2024 14:23:22 GMT
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/html
                                                                                                                                                                                                                                                                                                                                        Age: 54312
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                                                                        Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:45.052213907 CEST6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:55.221210957 CEST6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:29:05.385262012 CEST6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                        Data Ascii:


                                                                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                        3192.168.2.164972634.107.221.82806392C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:38.117723942 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:38.274859905 CEST216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Thu, 25 Apr 2024 17:36:57 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 42641
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:39.096191883 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:39.252877951 CEST216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Thu, 25 Apr 2024 17:36:57 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 42642
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:39.912837029 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:40.071255922 CEST216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Thu, 25 Apr 2024 17:36:57 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 42642
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:48.685805082 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:48.842879057 CEST216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Thu, 25 Apr 2024 17:36:57 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 42651
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:50.977890968 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:51.135827065 CEST216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Thu, 25 Apr 2024 17:36:57 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 42654
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.544008970 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.701033115 CEST216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Thu, 25 Apr 2024 17:36:57 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 42655
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.711556911 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:27:52.868225098 CEST216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Thu, 25 Apr 2024 17:36:57 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 42655
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:02.880129099 CEST6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:07.671613932 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:07.828418970 CEST216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Thu, 25 Apr 2024 17:36:57 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 42670
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.656739950 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:14.827955008 CEST216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Thu, 25 Apr 2024 17:36:57 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 42677
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:16.747576952 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:16.905340910 CEST216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Thu, 25 Apr 2024 17:36:57 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 42679
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:17.568083048 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:17.725742102 CEST216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Thu, 25 Apr 2024 17:36:57 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 42680
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:27.054780006 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:27.211894989 CEST216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Thu, 25 Apr 2024 17:36:57 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 42690
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:34.140230894 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:34.299201012 CEST216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Thu, 25 Apr 2024 17:36:57 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 42697
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:34.304373026 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:34.461384058 CEST216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Thu, 25 Apr 2024 17:36:57 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 42697
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:35.052918911 CEST305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                        Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                                                                        Accept: */*
                                                                                                                                                                                                                                                                                                                                        Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:35.210098982 CEST216INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                        Server: nginx
                                                                                                                                                                                                                                                                                                                                        Content-Length: 8
                                                                                                                                                                                                                                                                                                                                        Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                        Date: Thu, 25 Apr 2024 17:36:57 GMT
                                                                                                                                                                                                                                                                                                                                        Age: 42698
                                                                                                                                                                                                                                                                                                                                        Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                        Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                                                                        Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                                                                        Data Ascii: success
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:45.224230051 CEST6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:28:55.394226074 CEST6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                        Data Ascii:
                                                                                                                                                                                                                                                                                                                                        Apr 26, 2024 07:29:05.581239939 CEST6OUTData Raw: 00
                                                                                                                                                                                                                                                                                                                                        Data Ascii:


                                                                                                                                                                                                                                                                                                                                        Statistics

                                                                                                                                                                                                                                                                                                                                        CPU Usage

                                                                                                                                                                                                                                                                                                                                        Click to jump to process

                                                                                                                                                                                                                                                                                                                                        Memory Usage

                                                                                                                                                                                                                                                                                                                                        Click to jump to process

                                                                                                                                                                                                                                                                                                                                        High Level Behavior Distribution

                                                                                                                                                                                                                                                                                                                                        Click to dive into process behavior distribution

                                                                                                                                                                                                                                                                                                                                        Behavior

                                                                                                                                                                                                                                                                                                                                        Click to jump to process

                                                                                                                                                                                                                                                                                                                                        System Behavior

                                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                                        Target ID:0
                                                                                                                                                                                                                                                                                                                                        Start time:07:27:01
                                                                                                                                                                                                                                                                                                                                        Start date:26/04/2024
                                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\rundll32.exe
                                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                        Commandline:C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff755cb0000
                                                                                                                                                                                                                                                                                                                                        File size:71'680 bytes
                                                                                                                                                                                                                                                                                                                                        MD5 hash:EF3179D498793BF4234F708D3BE28633
                                                                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                                        Target ID:3
                                                                                                                                                                                                                                                                                                                                        Start time:07:27:09
                                                                                                                                                                                                                                                                                                                                        Start date:26/04/2024
                                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\OpenWith.exe
                                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                        Commandline:C:\Windows\system32\OpenWith.exe -Embedding
                                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff6b7d60000
                                                                                                                                                                                                                                                                                                                                        File size:123'984 bytes
                                                                                                                                                                                                                                                                                                                                        MD5 hash:E4A834784FA08C17D47A1E72429C5109
                                                                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                        Reputation:moderate
                                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                                        Target ID:12
                                                                                                                                                                                                                                                                                                                                        Start time:07:27:27
                                                                                                                                                                                                                                                                                                                                        Start date:26/04/2024
                                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_a8068703372ae00821df45d3d1e83528d5b75530.zip\a8068703372ae00821df45d3d1e83528d5b75530"
                                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff7916a0000
                                                                                                                                                                                                                                                                                                                                        File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                        MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                                        Target ID:13
                                                                                                                                                                                                                                                                                                                                        Start time:07:27:27
                                                                                                                                                                                                                                                                                                                                        Start date:26/04/2024
                                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url C:\Users\user\AppData\Local\Temp\Temp1_MDE_File_Sample_a8068703372ae00821df45d3d1e83528d5b75530.zip\a8068703372ae00821df45d3d1e83528d5b75530
                                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff7916a0000
                                                                                                                                                                                                                                                                                                                                        File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                        MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                                                                                                                        Has exited:false

                                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                                        Target ID:14
                                                                                                                                                                                                                                                                                                                                        Start time:07:27:28
                                                                                                                                                                                                                                                                                                                                        Start date:26/04/2024
                                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2304 -parentBuildID 20230927232528 -prefsHandle 2248 -prefMapHandle 2232 -prefsLen 25250 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {84178f49-fa31-4e5c-8e41-cdee470f9e82} 6392 "\\.\pipe\gecko-crash-server-pipe.6392" 235c4671b10 socket
                                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff7916a0000
                                                                                                                                                                                                                                                                                                                                        File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                        MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                                                                                                                        Has exited:false

                                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                                        Target ID:15
                                                                                                                                                                                                                                                                                                                                        Start time:07:27:30
                                                                                                                                                                                                                                                                                                                                        Start date:26/04/2024
                                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4020 -parentBuildID 20230927232528 -prefsHandle 4012 -prefMapHandle 4004 -prefsLen 26265 -prefMapSize 237879 -appDir "C:\Program Files\Mozilla Firefox\browser" - {97f5d0a2-275d-4e4d-81e3-139df34d68d6} 6392 "\\.\pipe\gecko-crash-server-pipe.6392" 235d65df510 rdd
                                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff7916a0000
                                                                                                                                                                                                                                                                                                                                        File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                        MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                                                                                                                        Has exited:false

                                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                                        Target ID:16
                                                                                                                                                                                                                                                                                                                                        Start time:07:27:39
                                                                                                                                                                                                                                                                                                                                        Start date:26/04/2024
                                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5548 -parentBuildID 20230927232528 -sandboxingKind 0 -prefsHandle 5620 -prefMapHandle 5616 -prefsLen 33076 -prefMapSize 237879 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b6afafae-c0dc-4023-a0ff-235b54a45615} 6392 "\\.\pipe\gecko-crash-server-pipe.6392" 235e4d2fd10 utility
                                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff7916a0000
                                                                                                                                                                                                                                                                                                                                        File size:676'768 bytes
                                                                                                                                                                                                                                                                                                                                        MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                                                                                                                        Has exited:false

                                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                                        Target ID:20
                                                                                                                                                                                                                                                                                                                                        Start time:07:28:55
                                                                                                                                                                                                                                                                                                                                        Start date:26/04/2024
                                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\OpenWith.exe
                                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                        Commandline:C:\Windows\system32\OpenWith.exe -Embedding
                                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff6b7d60000
                                                                                                                                                                                                                                                                                                                                        File size:123'984 bytes
                                                                                                                                                                                                                                                                                                                                        MD5 hash:E4A834784FA08C17D47A1E72429C5109
                                                                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                        Reputation:moderate
                                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                                        Target ID:21
                                                                                                                                                                                                                                                                                                                                        Start time:07:28:59
                                                                                                                                                                                                                                                                                                                                        Start date:26/04/2024
                                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
                                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Downloads\a8068703372ae00821df45d3d1e83528d5b75530"
                                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff69aef0000
                                                                                                                                                                                                                                                                                                                                        File size:5'641'176 bytes
                                                                                                                                                                                                                                                                                                                                        MD5 hash:24EAD1C46A47022347DC0F05F6EFBB8C
                                                                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                        Reputation:moderate
                                                                                                                                                                                                                                                                                                                                        Has exited:false

                                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                                        Target ID:22
                                                                                                                                                                                                                                                                                                                                        Start time:07:29:03
                                                                                                                                                                                                                                                                                                                                        Start date:26/04/2024
                                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
                                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff797f30000
                                                                                                                                                                                                                                                                                                                                        File size:3'581'912 bytes
                                                                                                                                                                                                                                                                                                                                        MD5 hash:9B38E8E8B6DD9622D24B53E095C5D9BE
                                                                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                        Reputation:moderate
                                                                                                                                                                                                                                                                                                                                        Has exited:false

                                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                                        Target ID:23
                                                                                                                                                                                                                                                                                                                                        Start time:07:29:03
                                                                                                                                                                                                                                                                                                                                        Start date:26/04/2024
                                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
                                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=1756 --field-trial-handle=1584,i,12228695359465084029,946614608337436379,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
                                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff797f30000
                                                                                                                                                                                                                                                                                                                                        File size:3'581'912 bytes
                                                                                                                                                                                                                                                                                                                                        MD5 hash:9B38E8E8B6DD9622D24B53E095C5D9BE
                                                                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                        Reputation:moderate
                                                                                                                                                                                                                                                                                                                                        Has exited:false

                                                                                                                                                                                                                                                                                                                                        Disassembly

                                                                                                                                                                                                                                                                                                                                        Reset < >

                                                                                                                                                                                                                                                                                                                                          Execution Graph

                                                                                                                                                                                                                                                                                                                                          Execution Coverage:0.4%
                                                                                                                                                                                                                                                                                                                                          Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                                                                                                                                                          Signature Coverage:100%
                                                                                                                                                                                                                                                                                                                                          Total number of Nodes:6
                                                                                                                                                                                                                                                                                                                                          Total number of Limit Nodes:0
                                                                                                                                                                                                                                                                                                                                          execution_graph 5009 14a6beb64b2 5010 14a6beb6509 NtQuerySystemInformation 5009->5010 5011 14a6beb4884 5009->5011 5010->5011 5006 14a6be84bb7 5007 14a6be84bc7 NtQuerySystemInformation 5006->5007 5008 14a6be84b64 5007->5008

                                                                                                                                                                                                                                                                                                                                          Callgraph

                                                                                                                                                                                                                                                                                                                                          Executed Functions

                                                                                                                                                                                                                                                                                                                                          Function 0000014A6BEB64B2 Relevance: 26.1, APIs: 1, Strings: 10, Instructions: 6826nativeCOMMON
                                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                                          • Source File: 0000000F.00000002.2430604151.0000014A6BEB4000.00000020.00000001.00020000.00000000.sdmp, Offset: 0000014A6BEB4000, based on PE: false
                                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_15_2_14a6beb4000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                                          • API ID: InformationQuerySystem
                                                                                                                                                                                                                                                                                                                                          • String ID: #$#$#$4$>$>$>$A$z$z
                                                                                                                                                                                                                                                                                                                                          • API String ID: 3562636166-3072146587
                                                                                                                                                                                                                                                                                                                                          • Opcode ID: a7beeb6ed6d4bd1c13836e24e4a4bf8602c8d7752103ee20adf8d6ea9f6b849f
                                                                                                                                                                                                                                                                                                                                          • Instruction ID: 091a2680306228dd961ce168085718e4ada9a4968cd86a9bbb1ac6c5b000dfeb
                                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: a7beeb6ed6d4bd1c13836e24e4a4bf8602c8d7752103ee20adf8d6ea9f6b849f
                                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 11A3E431658A598BDB2EDF18DC856E973E5FF98300F55422ED84AC7251DF34EA028BC2
                                                                                                                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                          Function 0000014A6BE84BB7 Relevance: 8.4, APIs: 1, Instructions: 6852nativeCOMMON
                                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                                          • Source File: 0000000F.00000002.2427599412.0000014A6BE82000.00000020.00000001.00020000.00000000.sdmp, Offset: 0000014A6BE82000, based on PE: false
                                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_15_2_14a6be82000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                                          • API ID: InformationQuerySystem
                                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                                          • API String ID: 3562636166-0
                                                                                                                                                                                                                                                                                                                                          • Opcode ID: a3d4a310f25344abd1978f5247c9d082b9ccbb3eaa73dfa71153365510a96fee
                                                                                                                                                                                                                                                                                                                                          • Instruction ID: b15b2a5e282611efb02ce18c16e4ea0e8ff4bfde88dee75e5950fae7592b19ec
                                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: a3d4a310f25344abd1978f5247c9d082b9ccbb3eaa73dfa71153365510a96fee
                                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: F3A3D331654E588BDB2EDF28DC856E973E5FF95300F46422ED94BC7251DF30EA428A82
                                                                                                                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                          Function 0000014A6BEB64F2 Relevance: 4.6, Strings: 3, Instructions: 887COMMON
                                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                                          • Source File: 0000000F.00000002.2430604151.0000014A6BEB4000.00000020.00000001.00020000.00000000.sdmp, Offset: 0000014A6BEB4000, based on PE: false
                                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_15_2_14a6beb4000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                                                                                                                          • String ID: #$4$z
                                                                                                                                                                                                                                                                                                                                          • API String ID: 0-222932584
                                                                                                                                                                                                                                                                                                                                          • Opcode ID: 3f12bc94a441b99678d1f37fd838eb33403ab1c1100704a4327215b314ffab7c
                                                                                                                                                                                                                                                                                                                                          • Instruction ID: cbd2681f889aa8f9bbcd4a418b232aa0b15763795e5062774023595c989c890a
                                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 3f12bc94a441b99678d1f37fd838eb33403ab1c1100704a4327215b314ffab7c
                                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: F152AB31618E5DCBEB2AEF28DC856E973E4FF54301F45022AD84AC7265DF34EA458B81
                                                                                                                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                          Function 0000014A6BE8BC80 Relevance: .1, Instructions: 84COMMON
                                                                                                                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                                                                                                                          • Executed
                                                                                                                                                                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                                                                                                                                                                          control_flow_graph 2852 14a6be8bc80-14a6be8bcc3 2854 14a6be8bcc7-14a6be8bcc9 2852->2854 2855 14a6be8bccb-14a6be8bd02 2854->2855 2856 14a6be8bd1f-14a6be8bd51 2854->2856 2855->2856
                                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                                          • Source File: 0000000F.00000002.2427599412.0000014A6BE8B000.00000020.00000001.00020000.00000000.sdmp, Offset: 0000014A6BE8B000, based on PE: false
                                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_15_2_14a6be8b000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                                                                                                                                                                          • Opcode ID: 8652d10666754b2673ec23b18fbfb331b0887f9ca02ad2742c98355d790f1295
                                                                                                                                                                                                                                                                                                                                          • Instruction ID: 3ef98f28dd038f074b108f67df2dda42222b35adb529741c2326abd46e384a13
                                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8652d10666754b2673ec23b18fbfb331b0887f9ca02ad2742c98355d790f1295
                                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 3D21633151CB8C4FD755DF28C844B96BBE1FB5A310F1506AFE08AC7292DA34D9458782
                                                                                                                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                                                                                                                          Uniqueness Score: -1.00%

                                                                                                                                                                                                                                                                                                                                          Non-executed Functions

                                                                                                                                                                                                                                                                                                                                          Function 0000014A6BEB6BDC Relevance: .4, Instructions: 417COMMON
                                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                                          • Source File: 0000000F.00000002.2430604151.0000014A6BEB4000.00000020.00000001.00020000.00000000.sdmp, Offset: 0000014A6BEB4000, based on PE: false
                                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_15_2_14a6beb4000_firefox.jbxd
                                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                                                                                                                                                                          • Opcode ID: 2fa4645b680d34bee22a3500d205d04f87224c646c510b3238a6d81739ab6236
                                                                                                                                                                                                                                                                                                                                          • Instruction ID: ae1f14e9e2b931d000b673405ad2e6453b1f771fe91e3c9108f771992e59d890
                                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 2fa4645b680d34bee22a3500d205d04f87224c646c510b3238a6d81739ab6236
                                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: DBB1E331B5C2900B871CC92D586707AF7D7EBCA60AB25E23EE9C7C7299DD3444139AC6
                                                                                                                                                                                                                                                                                                                                          Uniqueness

                                                                                                                                                                                                                                                                                                                                          Uniqueness Score: -1.00%